/src/tpm2/Quote.c

Source
// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "Attest_spt_fp.h"
#include "Quote_fp.h"
//
//
//     Error Returns               Meaning
//
//     TPM_RC_KEY                  signHandle does not reference a signing key;
//     TPM_RC_SCHEME               the scheme is not compatible with sign key type, or input scheme is
//                                 not compatible with default scheme, or the chosen scheme is not a
//                                 valid sign scheme
//
TPM_RC
TPM2_Quote(
   Quote_In        *in,             // IN: input parameter list
   Quote_Out       *out             // OUT: output parameter list
   )
{
   TPM_RC                  result;
   TPMI_ALG_HASH           hashAlg;
   TPMS_ATTEST             quoted;

// Command Output

   // Filling in attest information
   // Common fields
   // FillInAttestInfo may return TPM_RC_SCHEME or TPM_RC_KEY
   result = FillInAttestInfo(in->signHandle,
                             &in->inScheme,
                             &in->qualifyingData,
                             &quoted);
   if(result != TPM_RC_SUCCESS)
   {
       if(result == TPM_RC_KEY)
           return TPM_RC_KEY + RC_Quote_signHandle;
       else
           return RcSafeAddToResult(result, RC_Quote_inScheme);
   }

   // Quote specific fields
   // Attestation type
   quoted.type = TPM_ST_ATTEST_QUOTE;

   // Get hash algorithm in sign scheme. This hash algorithm is used to
   // compute PCR digest. If there is no algorithm, then the PCR cannot
   // be digested and this command returns TPM_RC_SCHEME
   hashAlg = in->inScheme.details.any.hashAlg;

   if(hashAlg == TPM_ALG_NULL)
       return TPM_RC_SCHEME + RC_Quote_inScheme;

   // Compute PCR digest
   PCRComputeCurrentDigest(hashAlg,
                           &in->PCRselect,
                           &quoted.attested.quote.pcrDigest);

   // Copy PCR select. "PCRselect" is modified in PCRComputeCurrentDigest
   // function
   quoted.attested.quote.pcrSelect = in->PCRselect;

   // Sign attestation structure. A NULL signature will be returned if
   // signHandle is TPM_RH_NULL. TPM_RC_VALUE, TPM_RC_SCHEME or TPM_RC_ATTRIBUTES
   // error may be returned by SignAttestInfo.
   // NOTE: TPM_RC_ATTRIBUTES means that the key is not a signing key but that
   // was checked above and TPM_RC_KEY was returned. TPM_RC_VALUE means that the
   // value to sign is too large but that means that the digest is too big and
   // that can't happen.
   result = SignAttestInfo(in->signHandle,
                           &in->inScheme,
                           &quoted,
                           &in->qualifyingData,
                           &out->quoted,
                           &out->signature);
   if(result != TPM_RC_SUCCESS)
       return result;

   // orderly state should be cleared because of the reporting of clock info
   // if signing happens
   if(in->signHandle != TPM_RH_NULL)
       g_clearOrderly = TRUE;

   return TPM_RC_SUCCESS;
}

Coverage Report

Created: 2025-10-28 06:46

Line	Count	Source
1		// This file was extracted from the TCG Published
2		// Trusted Platform Module Library
3		// Part 3: Commands
4		// Family "2.0"
5		// Level 00 Revision 01.16
6		// October 30, 2014
7
8		#include "InternalRoutines.h"
9		#include "Attest_spt_fp.h"
10		#include "Quote_fp.h"
11		//
12		//
13		// Error Returns Meaning
14		//
15		// TPM_RC_KEY signHandle does not reference a signing key;
16		// TPM_RC_SCHEME the scheme is not compatible with sign key type, or input scheme is
17		// not compatible with default scheme, or the chosen scheme is not a
18		// valid sign scheme
19		//
20		TPM_RC
21		TPM2_Quote(
22		Quote_In *in, // IN: input parameter list
23		Quote_Out *out // OUT: output parameter list
24		)
25	0	{
26	0	TPM_RC result;
27	0	TPMI_ALG_HASH hashAlg;
28	0	TPMS_ATTEST quoted;
29
30		// Command Output
31
32		// Filling in attest information
33		// Common fields
34		// FillInAttestInfo may return TPM_RC_SCHEME or TPM_RC_KEY
35	0	result = FillInAttestInfo(in->signHandle,
36	0	&in->inScheme,
37	0	&in->qualifyingData,
38	0	&quoted);
39	0	if(result != TPM_RC_SUCCESS)
40	0	{
41	0	if(result == TPM_RC_KEY)
42	0	return TPM_RC_KEY + RC_Quote_signHandle;
43	0	else
44	0	return RcSafeAddToResult(result, RC_Quote_inScheme);
45	0	}
46
47		// Quote specific fields
48		// Attestation type
49	0	quoted.type = TPM_ST_ATTEST_QUOTE;
50
51		// Get hash algorithm in sign scheme. This hash algorithm is used to
52		// compute PCR digest. If there is no algorithm, then the PCR cannot
53		// be digested and this command returns TPM_RC_SCHEME
54	0	hashAlg = in->inScheme.details.any.hashAlg;
55
56	0	if(hashAlg == TPM_ALG_NULL)
57	0	return TPM_RC_SCHEME + RC_Quote_inScheme;
58
59		// Compute PCR digest
60	0	PCRComputeCurrentDigest(hashAlg,
61	0	&in->PCRselect,
62	0	&quoted.attested.quote.pcrDigest);
63
64		// Copy PCR select. "PCRselect" is modified in PCRComputeCurrentDigest
65		// function
66	0	quoted.attested.quote.pcrSelect = in->PCRselect;
67
68		// Sign attestation structure. A NULL signature will be returned if
69		// signHandle is TPM_RH_NULL. TPM_RC_VALUE, TPM_RC_SCHEME or TPM_RC_ATTRIBUTES
70		// error may be returned by SignAttestInfo.
71		// NOTE: TPM_RC_ATTRIBUTES means that the key is not a signing key but that
72		// was checked above and TPM_RC_KEY was returned. TPM_RC_VALUE means that the
73		// value to sign is too large but that means that the digest is too big and
74		// that can't happen.
75	0	result = SignAttestInfo(in->signHandle,
76	0	&in->inScheme,
77	0	&quoted,
78	0	&in->qualifyingData,
79	0	&out->quoted,
80	0	&out->signature);
81	0	if(result != TPM_RC_SUCCESS)
82	0	return result;
83
84		// orderly state should be cleared because of the reporting of clock info
85		// if signing happens
86	0	if(in->signHandle != TPM_RH_NULL)
87	0	g_clearOrderly = TRUE;
88
89	0	return TPM_RC_SUCCESS;
90	0	}