/src/tpm2/RSA_Encrypt.c

Source
// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "RSA_Encrypt_fp.h"
#ifdef TPM_ALG_RSA
//
//
//     Error Returns                     Meaning
//
//     TPM_RC_ATTRIBUTES                 decrypt attribute is not SET in key referenced by keyHandle
//     TPM_RC_KEY                        keyHandle does not reference an RSA key
//     TPM_RC_SCHEME                     incorrect input scheme, or the chosen scheme is not a valid RSA
//                                       decrypt scheme
//     TPM_RC_VALUE                      the numeric value of message is greater than the public modulus of
//                                       the key referenced by keyHandle, or label is not a null-terminated
//                                       string
//
TPM_RC
TPM2_RSA_Encrypt(
   RSA_Encrypt_In        *in,                 // IN: input parameter list
   RSA_Encrypt_Out       *out                 // OUT: output parameter list
   )
{
   TPM_RC                    result;
   OBJECT                    *rsaKey;
   TPMT_RSA_DECRYPT          *scheme;
   char                      *label = NULL;

// Input Validation

   rsaKey = ObjectGet(in->keyHandle);

   // selected key must be an RSA key
   if(rsaKey->publicArea.type != TPM_ALG_RSA)
       return TPM_RC_KEY + RC_RSA_Encrypt_keyHandle;

   // selected key must have the decryption attribute
   if(rsaKey->publicArea.objectAttributes.decrypt != SET)
       return TPM_RC_ATTRIBUTES + RC_RSA_Encrypt_keyHandle;

   // Is there a label?
   if(in->label.t.size > 0)
   {
       // label is present, so make sure that is it NULL-terminated
       if(in->label.t.buffer[in->label.t.size - 1] != 0)
           return TPM_RC_VALUE + RC_RSA_Encrypt_label;
       label = (char *)in->label.t.buffer;
   }

// Command Output

   // Select a scheme for encryption
   scheme = CryptSelectRSAScheme(in->keyHandle, &in->inScheme);
   if(scheme == NULL)
       return TPM_RC_SCHEME + RC_RSA_Encrypt_inScheme;

   // Encryption. TPM_RC_VALUE, or TPM_RC_SCHEME errors my be returned buy
   // CryptEncyptRSA. Note: It can also return TPM_RC_ATTRIBUTES if the key does
   // not have the decrypt attribute but that was checked above.
   out->outData.t.size = sizeof(out->outData.t.buffer);
   result = CryptEncryptRSA(&out->outData.t.size, out->outData.t.buffer, rsaKey,
                          scheme, in->message.t.size, in->message.t.buffer,
                          label);
   return result;
}
#endif

Coverage Report

Created: 2025-10-10 06:20

Line	Count	Source
1		// This file was extracted from the TCG Published
2		// Trusted Platform Module Library
3		// Part 3: Commands
4		// Family "2.0"
5		// Level 00 Revision 01.16
6		// October 30, 2014
7
8		#include "InternalRoutines.h"
9		#include "RSA_Encrypt_fp.h"
10		#ifdef TPM_ALG_RSA
11		//
12		//
13		// Error Returns Meaning
14		//
15		// TPM_RC_ATTRIBUTES decrypt attribute is not SET in key referenced by keyHandle
16		// TPM_RC_KEY keyHandle does not reference an RSA key
17		// TPM_RC_SCHEME incorrect input scheme, or the chosen scheme is not a valid RSA
18		// decrypt scheme
19		// TPM_RC_VALUE the numeric value of message is greater than the public modulus of
20		// the key referenced by keyHandle, or label is not a null-terminated
21		// string
22		//
23		TPM_RC
24		TPM2_RSA_Encrypt(
25		RSA_Encrypt_In *in, // IN: input parameter list
26		RSA_Encrypt_Out *out // OUT: output parameter list
27		)
28	0	{
29	0	TPM_RC result;
30	0	OBJECT *rsaKey;
31	0	TPMT_RSA_DECRYPT *scheme;
32	0	char *label = NULL;
33
34		// Input Validation
35
36	0	rsaKey = ObjectGet(in->keyHandle);
37
38		// selected key must be an RSA key
39	0	if(rsaKey->publicArea.type != TPM_ALG_RSA)
40	0	return TPM_RC_KEY + RC_RSA_Encrypt_keyHandle;
41
42		// selected key must have the decryption attribute
43	0	if(rsaKey->publicArea.objectAttributes.decrypt != SET)
44	0	return TPM_RC_ATTRIBUTES + RC_RSA_Encrypt_keyHandle;
45
46		// Is there a label?
47	0	if(in->label.t.size > 0)
48	0	{
49		// label is present, so make sure that is it NULL-terminated
50	0	if(in->label.t.buffer[in->label.t.size - 1] != 0)
51	0	return TPM_RC_VALUE + RC_RSA_Encrypt_label;
52	0	label = (char *)in->label.t.buffer;
53	0	}
54
55		// Command Output
56
57		// Select a scheme for encryption
58	0	scheme = CryptSelectRSAScheme(in->keyHandle, &in->inScheme);
59	0	if(scheme == NULL)
60	0	return TPM_RC_SCHEME + RC_RSA_Encrypt_inScheme;
61
62		// Encryption. TPM_RC_VALUE, or TPM_RC_SCHEME errors my be returned buy
63		// CryptEncyptRSA. Note: It can also return TPM_RC_ATTRIBUTES if the key does
64		// not have the decrypt attribute but that was checked above.
65	0	out->outData.t.size = sizeof(out->outData.t.buffer);
66	0	result = CryptEncryptRSA(&out->outData.t.size, out->outData.t.buffer, rsaKey,
67	0	scheme, in->message.t.size, in->message.t.buffer,
68	0	label);
69	0	return result;
70	0	}
71		#endif