// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "RSA_Encrypt_fp.h"
#ifdef TPM_ALG_RSA
//
// TPM2_RSA_Encrypt: validates the key referenced by in->keyHandle and the
// optional label, selects an RSA scheme, then hands in->message to
// CryptEncryptRSA() with out->outData as the destination.
//
//       Error Returns                   Meaning
//
//       TPM_RC_ATTRIBUTES               decrypt attribute is not SET in key referenced by keyHandle
//       TPM_RC_KEY                      keyHandle does not reference an RSA key
//       TPM_RC_SCHEME                   incorrect input scheme, or the chosen scheme is not a valid RSA
//                                       decrypt scheme
//       TPM_RC_VALUE                    the numeric value of message is greater than the public modulus of
//                                       the key referenced by keyHandle, or label is not a null-terminated
//                                       string
//
TPM_RC
TPM2_RSA_Encrypt(
    RSA_Encrypt_In      *in,            // IN: input parameter list
    RSA_Encrypt_Out     *out            // OUT: output parameter list
    )
{
    OBJECT              *keyObject;
    TPMT_RSA_DECRYPT    *selectedScheme;
    char                *labelString = NULL;    // stays NULL when no label is supplied

// Input Validation

    // NOTE(review): the pointer returned by ObjectGet() is dereferenced without
    // a NULL check; presumably keyHandle has been validated before this routine
    // is entered -- confirm against the caller.
    keyObject = ObjectGet(in->keyHandle);

    // Only RSA keys are accepted
    if(keyObject->publicArea.type != TPM_ALG_RSA)
        return TPM_RC_KEY + RC_RSA_Encrypt_keyHandle;

    // The key must carry the decrypt attribute
    if(keyObject->publicArea.objectAttributes.decrypt != SET)
        return TPM_RC_ATTRIBUTES + RC_RSA_Encrypt_keyHandle;

    // A label is optional; when one is supplied its final byte must be zero.
    // Only the last byte is examined, and the label is handed on below as a
    // bare char * with no length.
    // NOTE(review): a zero byte earlier in the buffer is not rejected here, so
    // a consumer that reads the label as a C string would see fewer bytes than
    // label.t.size -- confirm how CryptEncryptRSA() measures the label.
    if(in->label.t.size > 0)
    {
        if(in->label.t.buffer[in->label.t.size - 1] == 0)
            labelString = (char *)in->label.t.buffer;
        else
            return TPM_RC_VALUE + RC_RSA_Encrypt_label;
    }

// Command Output

    // Pick the scheme to use from the key and the caller-supplied inScheme;
    // a NULL result is reported as a scheme error on the inScheme parameter.
    selectedScheme = CryptSelectRSAScheme(in->keyHandle, &in->inScheme);
    if(selectedScheme == NULL)
        return TPM_RC_SCHEME + RC_RSA_Encrypt_inScheme;

    // Set the size field to the full capacity of the output buffer before the
    // call; it is passed by pointer.
    // NOTE(review): presumably CryptEncryptRSA() rewrites it with the length
    // actually produced -- confirm.
    out->outData.t.size = sizeof(out->outData.t.buffer);

    // Encryption. CryptEncryptRSA() may return TPM_RC_VALUE or TPM_RC_SCHEME,
    // and its result is passed back unchanged. It can also return
    // TPM_RC_ATTRIBUTES when the key lacks the decrypt attribute, but that
    // case was already rejected above.
    return CryptEncryptRSA(&out->outData.t.size, out->outData.t.buffer,
                           keyObject, selectedScheme,
                           in->message.t.size, in->message.t.buffer,
                           labelString);
}
#endif