/* This function computes the qualified name of an object. */ void ComputeQualifiedName( TPM_HANDLE parentHandle, // IN: parent's handle TPM_ALG_ID nameAlg, // IN: name hash TPM2B_NAME *name, // IN: name of the object TPM2B_NAME *qualifiedName // OUT: qualified name of the object ) { HASH_STATE hashState; // hash state TPM2B_NAME parentName; if(parentHandle == TPM_RH_UNASSIGNED) { MemoryCopy2B(&qualifiedName->b, &name->b, sizeof(qualifiedName->t.name)); *qualifiedName = *name; } else { GetQualifiedName(parentHandle, &parentName); // QN_A = hash_A (QN of parent || NAME_A) // Start hash qualifiedName->t.size = CryptHashStart(&hashState, nameAlg); // Add parent's qualified name CryptDigestUpdate2B(&hashState, &parentName.b); // Add self name CryptDigestUpdate2B(&hashState, &name->b); // Complete hash leaving room for the name algorithm CryptHashEnd(&hashState, qualifiedName->t.size, &qualifiedName->t.name[2]); UINT16_TO_BYTE_ARRAY(nameAlg, qualifiedName->t.name); qualifiedName->t.size += 2; } return; }
TPM_RC TPM2_PolicyGetDigest_Unmarshal( SESSION *sessionTable, UINT32 sessionCnt, Marshal_Parms *parms, BYTE **buffer, INT32 *size ) { TPM_RC result = TPM_RC_SUCCESS; // PolicyGetDigest_In *in = (PolicyGetDigest_In *)parms->parmIn; PolicyGetDigest_Out *out = (PolicyGetDigest_Out *)parms->parmOut; if((parms == NULL) || (parms->objectCntIn < TPM2_PolicyGetDigest_HdlCntIn) || // (parms->objectCntOut < TPM2_PolicyGetDigest_HdlCntOut) || (parms->parmIn == NULL) || (parms->parmOut == NULL)) { return TPM_RC_FAILURE; } if((result = Command_Unmarshal( TPM_CC_PolicyGetDigest, sessionTable, sessionCnt, TPM2_PolicyGetDigest_Parameter_Unmarshal, parms, buffer, size)) == TPM_RC_SUCCESS) { MemoryCopy2B((TPM2B*)&parms->objectTableIn[TPM2_PolicyPCR_HdlIn_PolicySession].session.u2.policyDigest, (TPM2B*)&out->policyDigest, sizeof(parms->objectTableIn[TPM2_PolicyPCR_HdlIn_PolicySession].session.u2.policyDigest.t.buffer)); } return result; }
/* count number of bytes in the authValue with zeros stripped */ UINT16 EntityGetAuthValue( TPMI_DH_ENTITY handle, // IN: handle of entity TPM2B_AUTH *auth // OUT: authValue of the entity ) { TPM2B_AUTH *pAuth = NULL; auth->t.size = 0; switch(HandleGetType(handle)) { case TPM_HT_PERMANENT: { switch(handle) { case TPM_RH_OWNER: // ownerAuth for TPM_RH_OWNER pAuth = &gp.ownerAuth; break; case TPM_RH_ENDORSEMENT: // endorsementAuth for TPM_RH_ENDORSEMENT pAuth = &gp.endorsementAuth; break; case TPM_RH_PLATFORM: // platformAuth for TPM_RH_PLATFORM pAuth = &gc.platformAuth; break; case TPM_RH_LOCKOUT: // lockoutAuth for TPM_RH_LOCKOUT pAuth = &gp.lockoutAuth; break; case TPM_RH_NULL: // nullAuth for TPM_RH_NULL. Return 0 directly here return 0; break; #ifdef VENDOR_PERMANENT case VENDOR_PERMANENT: // vendor authorization value pAauth = &g_platformUniqueDetails; #endif default: // If any other permanent handle is present it is // a code defect. FAIL(FATAL_ERROR_INTERNAL); break; } break; } case TPM_HT_TRANSIENT: // authValue for an object // A persistent object would have been copied into RAM // and would have an transient object handle here. { OBJECT *object; object = HandleToObject(handle); // special handling if this is a sequence object if(ObjectIsSequence(object)) { pAuth = &((HASH_OBJECT *)object)->auth; } else { // Authorization is available only when the private portion of // the object is loaded. The check should be made before // this function is called pAssert(object->attributes.publicOnly == CLEAR); pAuth = &object->sensitive.authValue; } } break; case TPM_HT_NV_INDEX: // authValue for an NV index { NV_INDEX *nvIndex = NvGetIndexInfo(handle, NULL); pAssert(nvIndex != NULL); pAuth = &nvIndex->authValue; } break; case TPM_HT_PCR: // authValue for PCR pAuth = PCRGetAuthValue(handle); break; default: // If any other handle type is present here, then there is a defect // in the unmarshaling code. FAIL(FATAL_ERROR_INTERNAL); break; } // Copy the authValue if (!pAuth) /* libtpms changed begin (ubsan) */ MemoryCopy2B(&auth->b, NULL, sizeof(auth->t.buffer)); else MemoryCopy2B(&auth->b, &pAuth->b, sizeof(auth->t.buffer)); /* libtpms changed end */ MemoryRemoveTrailingZeros(auth); return auth->t.size; }