// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "Attest_spt_fp.h"
#include "GetCommandAuditDigest_fp.h"

//
// TPM2_GetCommandAuditDigest()
//
// Builds an attestation structure describing the current command audit state
// (hash algorithm, audit counter, running audit digest and the digest returned
// by CommandAuditGetDigest()), signs it with signHandle, and resets the running
// audit digest once a signed copy has been produced.
//
// Error Returns        Meaning
//
// TPM_RC_KEY           key referenced by signHandle is not a signing key
// TPM_RC_SCHEME        inScheme is incompatible with signHandle type; or both
//                      scheme and key's default scheme are empty; or scheme is
//                      empty while key's default scheme requires explicit input
//                      scheme (split signing); or non-empty default key scheme
//                      differs from scheme
// TPM_RC_VALUE         digest generated for the given scheme is greater than
//                      the modulus of signHandle (for an RSA key); invalid
//                      commit status or failed to generate r value (for an ECC
//                      key)
//
// NOTE(review): authorization of signHandle and of the caller is not visible in
// this function; presumably it is enforced before the action routine is called.
// Confirm against the command dispatcher.
//
TPM_RC
TPM2_GetCommandAuditDigest(
    GetCommandAuditDigest_In    *in,    // IN: input parameter list
    GetCommandAuditDigest_Out   *out    // OUT: output parameter list
    )
{
    TPM_RC          rc;
    TPMS_ATTEST     attest;

// Command Output

    // Populate the fields common to every attestation structure.
    rc = FillInAttestInfo(in->signHandle,
                          &in->inScheme,
                          &in->qualifyingData,
                          &attest);

    // A bad key is attributed to the signHandle parameter; every other failure
    // from FillInAttestInfo() is attributed to inScheme.
    if(rc == TPM_RC_KEY)
        return TPM_RC_KEY + RC_GetCommandAuditDigest_signHandle;
    if(rc != TPM_RC_SUCCESS)
        return RcSafeAddToResult(rc, RC_GetCommandAuditDigest_inScheme);

    // Fields specific to a command audit attestation.
    // Running command audit log, captured before anything is signed or reset.
    attest.attested.commandAudit.auditDigest = gr.commandAuditDigest;

    // Audit counter value
    attest.attested.commandAudit.auditCounter = gp.auditCounter;

    // Hash algorithm used for the audit digest
    attest.attested.commandAudit.digestAlg = gp.auditHashAlg;

    // Attestation type
    attest.type = TPM_ST_ATTEST_COMMAND_AUDIT;

    // Digest reported by CommandAuditGetDigest()
    CommandAuditGetDigest(&attest.attested.commandAudit.commandDigest);

    // Sign the attestation structure. A NULL signature will be returned if
    // signHandle is TPM_RH_NULL. A TPM_RC_NV_UNAVAILABLE, TPM_RC_NV_RATE,
    // TPM_RC_VALUE, TPM_RC_SCHEME or TPM_RC_ATTRIBUTES error may be returned at
    // this point.
    rc = SignAttestInfo(in->signHandle,
                        &in->inScheme,
                        &attest,
                        &in->qualifyingData,
                        &out->auditInfo,
                        &out->signature);
    if(rc != TPM_RC_SUCCESS)
        return rc;

// Internal Data Update

    // An unsigned request (signHandle == TPM_RH_NULL) leaves the audit log
    // untouched: the log is reset only on the path where SignAttestInfo()
    // succeeded with a real signing key, so the accumulated digest is not
    // discarded without a signed copy having been returned.
    if(in->signHandle == TPM_RH_NULL)
        return TPM_RC_SUCCESS;

    // Reset log
    gr.commandAuditDigest.t.size = 0;

    // Orderly state should be cleared because of the update in
    // commandAuditDigest, as well as the reporting of clock info.
    g_clearOrderly = TRUE;

    return TPM_RC_SUCCESS;
}