/src/tpm2/CreatePrimary.c

Source (jump to first uncovered line)
// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "CreatePrimary_fp.h"
#include "Object_spt_fp.h"
#include "Platform.h"
//
//
//     Error Returns                  Meaning
//
//     TPM_RC_ATTRIBUTES              sensitiveDataOrigin is CLEAR when 'sensitive.data' is an Empty
//                                    Buffer, or is SET when 'sensitive.data' is not empty; fixedTPM,
//                                    fixedParent, or encryptedDuplication attributes are inconsistent
//                                    between themselves or with those of the parent object; inconsistent
//                                    restricted, decrypt and sign attributes; attempt to inject sensitive data
//                                    for an asymmetric key; attempt to create a symmetric cipher key that
//                                    is not a decryption key
//     TPM_RC_KDF                     incorrect KDF specified for decrypting keyed hash object
//     TPM_RC_OBJECT_MEMORY           there is no free slot for the object
//     TPM_RC_SCHEME                  inconsistent attributes decrypt, sign, restricted and key's scheme ID;
//                                    or hash algorithm is inconsistent with the scheme ID for keyed hash
//                                    object
//     TPM_RC_SIZE                    size of public auth policy or sensitive auth value does not match
//                                    digest size of the name algorithm sensitive data size for the keyed
//                                    hash object is larger than is allowed for the scheme
//     TPM_RC_SYMMETRIC               a storage key with no symmetric algorithm specified; or non-storage
//                                    key with symmetric algorithm different from TPM_ALG_NULL
//     TPM_RC_TYPE                    unknown object type;
//
TPM_RC
TPM2_CreatePrimary(
   CreatePrimary_In    *in,                  // IN: input parameter list
   CreatePrimary_Out   *out                  // OUT: output parameter list
   )
{
// Local variables
   TPM_RC              result = TPM_RC_SUCCESS;
   TPMT_SENSITIVE      sensitive;

// Input Validation
   // The sensitiveDataOrigin attribute must be consistent with the setting of
   // the size of the data object in inSensitive.
   if(   (in->inPublic.t.publicArea.objectAttributes.sensitiveDataOrigin == SET)
      != (in->inSensitive.t.sensitive.data.t.size == 0 ))
       // Mismatch between the object attributes and the parameter.
       return TPM_RC_ATTRIBUTES + RC_CreatePrimary_inSensitive;

   // Check attributes in input public area. TPM_RC_ATTRIBUTES, TPM_RC_KDF,
   // TPM_RC_SCHEME, TPM_RC_SIZE, TPM_RC_SYMMETRIC, or TPM_RC_TYPE error may
   // be returned at this point.
   result = PublicAttributesValidation(FALSE, in->primaryHandle,
                                       &in->inPublic.t.publicArea);
   if(result != TPM_RC_SUCCESS)
       return RcSafeAddToResult(result, RC_CreatePrimary_inPublic);

   // Validate the sensitive area values
   if( MemoryRemoveTrailingZeros(&in->inSensitive.t.sensitive.userAuth)
           > CryptGetHashDigestSize(in->inPublic.t.publicArea.nameAlg))
//
       return TPM_RC_SIZE + RC_CreatePrimary_inSensitive;

// Command output

   // Generate Primary Object
   // The primary key generation process uses the Name of the input public
   // template to compute the key. The keys are generated from the template
   // before anything in the template is allowed to be changed.
   // A TPM_RC_KDF, TPM_RC_SIZE error may be returned at this point
   result = CryptCreateObject(in->primaryHandle, &in->inPublic.t.publicArea,
                              &in->inSensitive.t.sensitive,&sensitive);
   if(result != TPM_RC_SUCCESS)
       return result;

   // Fill in creation data
   FillInCreationData(in->primaryHandle, in->inPublic.t.publicArea.nameAlg,
                      &in->creationPCR, &in->outsideInfo, &out->creationData,
                      &out->creationHash);

   // Copy public area
   out->outPublic = in->inPublic;

   // Fill in private area for output
   ObjectComputeName(&(out->outPublic.t.publicArea), &out->name);

   // Compute creation ticket
   TicketComputeCreation(EntityGetHierarchy(in->primaryHandle), &out->name,
                         &out->creationHash, &out->creationTicket);

   // Create a internal object. A TPM_RC_OBJECT_MEMORY error may be returned
   // at this point.
   result = ObjectLoad(in->primaryHandle, &in->inPublic.t.publicArea, &sensitive,
                       &out->name, in->primaryHandle, TRUE, &out->objectHandle);

   return result;
}

Coverage Report

Created: 2025-09-05 06:38

Line	Count	Source (jump to first uncovered line)
1		// This file was extracted from the TCG Published
2		// Trusted Platform Module Library
3		// Part 3: Commands
4		// Family "2.0"
5		// Level 00 Revision 01.16
6		// October 30, 2014
7
8		#include "InternalRoutines.h"
9		#include "CreatePrimary_fp.h"
10		#include "Object_spt_fp.h"
11		#include "Platform.h"
12		//
13		//
14		// Error Returns Meaning
15		//
16		// TPM_RC_ATTRIBUTES sensitiveDataOrigin is CLEAR when 'sensitive.data' is an Empty
17		// Buffer, or is SET when 'sensitive.data' is not empty; fixedTPM,
18		// fixedParent, or encryptedDuplication attributes are inconsistent
19		// between themselves or with those of the parent object; inconsistent
20		// restricted, decrypt and sign attributes; attempt to inject sensitive data
21		// for an asymmetric key; attempt to create a symmetric cipher key that
22		// is not a decryption key
23		// TPM_RC_KDF incorrect KDF specified for decrypting keyed hash object
24		// TPM_RC_OBJECT_MEMORY there is no free slot for the object
25		// TPM_RC_SCHEME inconsistent attributes decrypt, sign, restricted and key's scheme ID;
26		// or hash algorithm is inconsistent with the scheme ID for keyed hash
27		// object
28		// TPM_RC_SIZE size of public auth policy or sensitive auth value does not match
29		// digest size of the name algorithm sensitive data size for the keyed
30		// hash object is larger than is allowed for the scheme
31		// TPM_RC_SYMMETRIC a storage key with no symmetric algorithm specified; or non-storage
32		// key with symmetric algorithm different from TPM_ALG_NULL
33		// TPM_RC_TYPE unknown object type;
34		//
35		TPM_RC
36		TPM2_CreatePrimary(
37		CreatePrimary_In *in, // IN: input parameter list
38		CreatePrimary_Out *out // OUT: output parameter list
39		)
40	4	{
41		// Local variables
42	4	TPM_RC result = TPM_RC_SUCCESS;
43	4	TPMT_SENSITIVE sensitive;
44
45		// Input Validation
46		// The sensitiveDataOrigin attribute must be consistent with the setting of
47		// the size of the data object in inSensitive.
48	4	if( (in->inPublic.t.publicArea.objectAttributes.sensitiveDataOrigin == SET)
49	4	!= (in->inSensitive.t.sensitive.data.t.size == 0 ))
50		// Mismatch between the object attributes and the parameter.
51	0	return TPM_RC_ATTRIBUTES + RC_CreatePrimary_inSensitive;
52
53		// Check attributes in input public area. TPM_RC_ATTRIBUTES, TPM_RC_KDF,
54		// TPM_RC_SCHEME, TPM_RC_SIZE, TPM_RC_SYMMETRIC, or TPM_RC_TYPE error may
55		// be returned at this point.
56	4	result = PublicAttributesValidation(FALSE, in->primaryHandle,
57	4	&in->inPublic.t.publicArea);
58	4	if(result != TPM_RC_SUCCESS)
59	0	return RcSafeAddToResult(result, RC_CreatePrimary_inPublic);
60
61		// Validate the sensitive area values
62	4	if( MemoryRemoveTrailingZeros(&in->inSensitive.t.sensitive.userAuth)
63	4	> CryptGetHashDigestSize(in->inPublic.t.publicArea.nameAlg))
64		//
65	0	return TPM_RC_SIZE + RC_CreatePrimary_inSensitive;
66
67		// Command output
68
69		// Generate Primary Object
70		// The primary key generation process uses the Name of the input public
71		// template to compute the key. The keys are generated from the template
72		// before anything in the template is allowed to be changed.
73		// A TPM_RC_KDF, TPM_RC_SIZE error may be returned at this point
74	4	result = CryptCreateObject(in->primaryHandle, &in->inPublic.t.publicArea,
75	4	&in->inSensitive.t.sensitive,&sensitive);
76	4	if(result != TPM_RC_SUCCESS)
77	0	return result;
78
79		// Fill in creation data
80	4	FillInCreationData(in->primaryHandle, in->inPublic.t.publicArea.nameAlg,
81	4	&in->creationPCR, &in->outsideInfo, &out->creationData,
82	4	&out->creationHash);
83
84		// Copy public area
85	4	out->outPublic = in->inPublic;
86
87		// Fill in private area for output
88	4	ObjectComputeName(&(out->outPublic.t.publicArea), &out->name);
89
90		// Compute creation ticket
91	4	TicketComputeCreation(EntityGetHierarchy(in->primaryHandle), &out->name,
92	4	&out->creationHash, &out->creationTicket);
93
94		// Create a internal object. A TPM_RC_OBJECT_MEMORY error may be returned
95		// at this point.
96	4	result = ObjectLoad(in->primaryHandle, &in->inPublic.t.publicArea, &sensitive,
97	4	&out->name, in->primaryHandle, TRUE, &out->objectHandle);
98
99	4	return result;
100	4	}