Google Git
Sign in
android / platform / external / tpm2 / refs/tags/android-9.0.0_r44 / . / VerifySignature.c
blob: 670b9d5ac30d810430775701822adfa645219a2b [file] [log] [blame]
// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014
#include "InternalRoutines.h"
#include "VerifySignature_fp.h"
//
//
// Error Returns Meaning
//
// TPM_RC_ATTRIBUTES keyHandle does not reference a signing key
// TPM_RC_SIGNATURE signature is not genuine
// TPM_RC_SCHEME CryptVerifySignature()
// TPM_RC_HANDLE the input handle is references an HMAC key but the private portion is
// not loaded
//
TPM_RC
TPM2_VerifySignature(
VerifySignature_In *in, // IN: input parameter list
VerifySignature_Out *out // OUT: output parameter list
)
{
TPM_RC result;
TPM2B_NAME name;
OBJECT *signObject;
TPMI_RH_HIERARCHY hierarchy;
// Input Validation
// Get sign object pointer
signObject = ObjectGet(in->keyHandle);
// The object to validate the signature must be a signing key.
if(signObject->publicArea.objectAttributes.sign != SET)
return TPM_RC_ATTRIBUTES + RC_VerifySignature_keyHandle;
// Validate Signature. TPM_RC_SCHEME, TPM_RC_HANDLE or TPM_RC_SIGNATURE
// error may be returned by CryptCVerifySignatrue()
result = CryptVerifySignature(in->keyHandle, &in->digest, &in->signature);
if(result != TPM_RC_SUCCESS)
return RcSafeAddToResult(result, RC_VerifySignature_signature);
// Command Output
hierarchy = ObjectGetHierarchy(in->keyHandle);
if( hierarchy == TPM_RH_NULL
|| signObject->publicArea.nameAlg == TPM_ALG_NULL)
{
// produce empty ticket if hierarchy is TPM_RH_NULL or nameAlg is
// TPM_ALG_NULL
out->validation.tag = TPM_ST_VERIFIED;
out->validation.hierarchy = TPM_RH_NULL;
out->validation.digest.t.size = 0;
}
else
{
// Get object name that verifies the signature
name.t.size = ObjectGetName(in->keyHandle, &name.t.name);
// Compute ticket
TicketComputeVerified(hierarchy, &in->digest, &name, &out->validation);
}
return TPM_RC_SUCCESS;
}