Coverage Report

Created: 2025-09-05 06:38

/src/tpm2/LoadExternal.c
1
// This file was extracted from the TCG Published
2
// Trusted Platform Module Library
3
// Part 3: Commands
4
// Family "2.0"
5
// Level 00 Revision 01.16
6
// October 30, 2014
7
8
#include "InternalRoutines.h"
9
#include "LoadExternal_fp.h"
10
#include "Object_spt_fp.h"
11
//
12
//
13
//     Error Returns                     Meaning
14
//
15
//     TPM_RC_ATTRIBUTES                 'fixedParent' and 'fixedTPM' must be CLEAR on an external key if
16
//                                       both public and sensitive portions are loaded
17
//     TPM_RC_BINDING                    the inPublic and inPrivate structures are not cryptographically bound.
18
//     TPM_RC_HASH                       incorrect hash selection for signing key
19
//     TPM_RC_HIERARCHY                  hierarchy is turned off, or only NULL hierarchy is allowed when
20
//                                       loading public and private parts of an object
21
//     TPM_RC_KDF                        incorrect KDF selection for decrypting keyedHash object
22
//     TPM_RC_KEY                        the size of the object's unique field is not consistent with the indicated
23
//                                       size in the object's parameters
24
//     TPM_RC_OBJECT_MEMORY              if there is no free slot for an object
25
//     TPM_RC_SCHEME                     the signing scheme is not valid for the key
26
//     TPM_RC_SIZE                       authPolicy is not zero and is not the size of a digest produced by the
27
//                                       object's nameAlg TPM_RH_NULL hierarchy
28
//     TPM_RC_SYMMETRIC                  symmetric algorithm not provided when required
29
//     TPM_RC_TYPE                       inPublic and inPrivate are not the same type
30
//
31
/*
 * TPM2_LoadExternal -- load an object that was not created by this TPM.
 *
 * The public area is always supplied; the sensitive area is optional and is
 * treated as present when in->inPrivate.t.size is non-zero.
 *
 * in   command parameters (hierarchy, inPublic, inPrivate)
 * out  response parameters; out->name and out->objectHandle are written
 *
 * Returns TPM_RC_SUCCESS or one of the response codes listed in the table
 * that precedes this function. Codes produced by the checks in this function
 * carry a parameter/handle identifier (RC_LoadExternal_*); the value that
 * ObjectLoad() produces is returned as-is.
 *
 * NOTE(review): in the coverage run this listing was taken from (report
 * created 2025-09-05, 50 entries into the function) the four early rejection
 * returns below and the public-only path (sensitive == NULL) were recorded
 * with a hit count of 0. Only the SchemeChecks() failure return was
 * exercised (once). The validation branches are therefore untested by that
 * corpus.
 */
TPM_RC
TPM2_LoadExternal(
    LoadExternal_In       *in,                   // IN: input parameter list
    LoadExternal_Out      *out                   // OUT: output parameter list
    )
{
    TPM_RC                 rc;
    TPMT_SENSITIVE        *sensitiveArea;
    BOOL                   nameAlgIsNull;

    /* ---------------------------- Input Validation ---------------------------- */

    // Refuse to load anything into a hierarchy that is currently disabled.
    if(!HierarchyIsEnabled(in->hierarchy))
    {
        return TPM_RC_HIERARCHY + RC_LoadExternal_hierarchy;
    }

    // An authPolicy, when present, has to be exactly as long as a digest of
    // the object's nameAlg. The digest size is looked up only when a policy
    // was actually supplied.
    if(in->inPublic.t.publicArea.authPolicy.t.size != 0)
    {
        if(in->inPublic.t.publicArea.authPolicy.t.size !=
                CryptGetHashDigestSize(in->inPublic.t.publicArea.nameAlg))
        {
            return TPM_RC_SIZE + RC_LoadExternal_inPublic;
        }
    }

    // Extra restrictions apply when the caller also supplies the sensitive part.
    if(in->inPrivate.t.size != 0)
    {
        // Public + sensitive objects are accepted in the NULL hierarchy only.
        if(in->hierarchy != TPM_RH_NULL)
        {
            return TPM_RC_HIERARCHY + RC_LoadExternal_hierarchy;
        }

        // fixedTPM, fixedParent and restricted must all be CLEAR, so that a
        // caller-supplied key cannot appear to be a key that was created by
        // this TPM.
        if(!(   in->inPublic.t.publicArea.objectAttributes.fixedTPM == CLEAR
             && in->inPublic.t.publicArea.objectAttributes.fixedParent == CLEAR
             && in->inPublic.t.publicArea.objectAttributes.restricted == CLEAR))
        {
            return TPM_RC_ATTRIBUTES + RC_LoadExternal_inPublic;
        }
    }

    // Scheme parameters of the public area are validated in every case
    // (SchemeChecks() is called with TRUE and TPM_RH_NULL as its first two
    // arguments); a failure is attributed to the inPublic parameter.
    rc = SchemeChecks(TRUE, TPM_RH_NULL, &in->inPublic.t.publicArea);
    if(rc != TPM_RC_SUCCESS)
    {
        return RcSafeAddToResult(rc, RC_LoadExternal_inPublic);
    }

    /* -------------------------- Internal Data Update -------------------------- */

    // The name is required to compute the qualified name.
    ObjectComputeName(&in->inPublic.t.publicArea, &out->name);

    // NOTE(review): this flag is handed to ObjectLoad() as its skipChecks
    // argument, so an object whose nameAlg is TPM_ALG_NULL is loaded with
    // whatever checks that argument controls turned off. ObjectLoad() is not
    // visible here -- confirm which checks are skipped before relying on the
    // public/sensitive consistency of such an object.
    nameAlgIsNull = (in->inPublic.t.publicArea.nameAlg == TPM_ALG_NULL);

    // Hand over the sensitive area only if one was provided.
    sensitiveArea = (in->inPrivate.t.size != 0)
                    ? &in->inPrivate.t.sensitiveArea
                    : NULL;

    // Create the external object. ObjectLoad() may return TPM_RC_BINDING,
    // TPM_RC_KEY, TPM_RC_OBJECT_MEMORY or TPM_RC_TYPE.
    return ObjectLoad(in->hierarchy, &in->inPublic.t.publicArea,
                      sensitiveArea, &out->name, TPM_RH_NULL, nameAlgIsNull,
                      &out->objectHandle);
}