1// This file was extracted from the TCG Published
2// Trusted Platform Module Library
3// Part 3: Commands
4// Family "2.0"
5// Level 00 Revision 01.16
6// October 30, 2014
7
8#include "InternalRoutines.h"
9#include "ObjectChangeAuth_fp.h"
10#include "Object_spt_fp.h"
//
//
//     Error Returns               Meaning
//
//     TPM_RC_SIZE                 newAuth is larger than the digest size of the Name algorithm of
//                                 objectHandle
//     TPM_RC_TYPE                 the key referenced by parentHandle is not the parent of the object
//                                 referenced by objectHandle, or objectHandle is a sequence object
//
/*
 * TPM2_ObjectChangeAuth
 *
 * Produces a new private blob for an object in which only the authValue
 * differs from the object's current sensitive area.  The work is done on a
 * local copy of object->sensitive; the result is written to
 * out->outPrivate by SensitiveToPrivate().
 *
 * in   command parameters: objectHandle, parentHandle and newAuth are read
 * out  response parameters: outPrivate is written on success
 *
 * Returns TPM_RC_SUCCESS, or TPM_RC_TYPE / TPM_RC_SIZE added to the RC_
 * constant that identifies the offending handle or parameter.
 *
 * NOTE(review): no handle authorization is checked in this function;
 * presumably the command dispatcher has done that before the call - confirm.
 */
TPM_RC
TPM2_ObjectChangeAuth(
   ObjectChangeAuth_In    *in,                // IN: input parameter list
   ObjectChangeAuth_Out   *out                // OUT: output parameter list
   )
{
   // NOTE(review): the pointer returned by ObjectGet() is dereferenced
   // without a NULL check; this assumes objectHandle was already resolved to
   // a loaded object before dispatch - TODO confirm against the caller.
   OBJECT                 *target = ObjectGet(in->objectHandle);
   TPMT_SENSITIVE          rewrapped;
   TPM2B_NAME              parentQN;
   TPM2B_NAME              expectedQN;
   TPM2B_NAME              actualQN;

// Input Validation

   // A sequence object is rejected outright.
   if(ObjectIsSequence(target))
   {
       return TPM_RC_TYPE + RC_ObjectChangeAuth_objectHandle;
   }

   // The new authValue must fit in a digest of the object's nameAlg.  The
   // length compared is the one returned by MemoryRemoveTrailingZeros(),
   // which is handed a pointer to in->newAuth (presumably it trims the
   // buffer in place - verify against its definition).
   if( CryptGetHashDigestSize(target->publicArea.nameAlg)
           < MemoryRemoveTrailingZeros(&in->newAuth))
   {
       return TPM_RC_SIZE + RC_ObjectChangeAuth_newAuth;
   }

   // Parent/child binding check.  The qualified name the object would have
   // under parentHandle is recomputed from the parent's QN and the object's
   // Name, then compared with the QN recorded for objectHandle.  This
   // comparison is the only check in this function that ties the two
   // handles together; other implementations may verify the relationship
   // differently.
   ObjectGetQualifiedName(in->parentHandle, &parentQN);
   ObjectComputeQualifiedName(&parentQN, target->publicArea.nameAlg,
                              &target->name, &expectedQN);

   ObjectGetQualifiedName(in->objectHandle, &actualQN);
   if(!Memory2BEqual(&actualQN.b, &expectedQN.b))
   {
       return TPM_RC_TYPE + RC_ObjectChangeAuth_parentHandle;
   }

// Command Output

   // Start from the object's current sensitive area and replace only the
   // authValue with the caller-supplied one.
   rewrapped = target->sensitive;
   rewrapped.authValue = in->newAuth;

   // Convert the modified sensitive area into the outgoing private blob.
   SensitiveToPrivate(&rewrapped, &target->name, in->parentHandle,
                      target->publicArea.nameAlg,
                      &out->outPrivate);

   // NOTE(review): 'rewrapped' is a stack copy of the object's sensitive
   // area plus the new authValue and is not cleared before returning.
   // Consider wiping it with a zeroization call the compiler cannot elide
   // if stack disclosure is within the platform's threat model.
   return TPM_RC_SUCCESS;
}

72