// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014
#include "InternalRoutines.h"
#include "MakeCredential_fp.h"
#include "Object_spt_fp.h"
//
//
// Error Returns     Meaning
//
// TPM_RC_KEY        handle referenced an ECC key that has a unique field that is
//                   not a point on the curve of the key
// TPM_RC_SIZE       credential is larger than the digest size of the Name
//                   algorithm of handle
// TPM_RC_TYPE       handle does not reference an asymmetric decryption key
//
// TPM2_MakeCredential
//
// Validates the key referenced by in->handle and the size of in->credential,
// then fills out->secret (via CryptSecretEncrypt()) and out->credentialBlob
// (via SecretToCredential()).
//
// in    input parameter list; handle, credential and objectName are read
// out   output parameter list; secret and credentialBlob are written
//
// Returns TPM_RC_SUCCESS, one of the two validation codes produced below, or
// any non-success code reported by CryptSecretEncrypt().
TPM_RC
TPM2_MakeCredential(
    MakeCredential_In   *in,    // IN: input parameter list
    MakeCredential_Out  *out    // OUT: output parameter list
    )
{
    OBJECT      *key;
    TPM2B_DATA   seed;
    TPM_RC       rc;

// Input Validation

    // NOTE(review): the pointer returned by ObjectGet() is dereferenced without
    // a check. This assumes the handle was already validated as referencing a
    // loaded object before this action routine runs -- confirm against the
    // command dispatcher.
    key = ObjectGet(in->handle);

    // The key must be asymmetric, a decryption key, and restricted. All three
    // failures are reported as TPM_RC_TYPE against the handle parameter.
    // NOTE: Needs to be restricted to have a symmetric value.
    if(!CryptIsAsymAlgorithm(key->publicArea.type))
    {
        return TPM_RC_TYPE + RC_MakeCredential_handle;
    }
    if(key->publicArea.objectAttributes.decrypt == CLEAR)
    {
        return TPM_RC_TYPE + RC_MakeCredential_handle;
    }
    if(key->publicArea.objectAttributes.restricted == CLEAR)
    {
        return TPM_RC_TYPE + RC_MakeCredential_handle;
    }

    // The credential may not exceed the digest size of the hash used to
    // compute the Name of the key associated with handle.
    if(in->credential.t.size > CryptGetHashDigestSize(key->publicArea.nameAlg))
    {
        return TPM_RC_SIZE + RC_MakeCredential_credential;
    }

// Command Output

    // Make the encryption key and its associated secret structure.
    // out->secret.t.size is set to the full capacity of the secret buffer
    // before the call.
    out->secret.t.size = sizeof(out->secret.t.secret);
    rc = CryptSecretEncrypt(in->handle, "IDENTITY", &seed, &out->secret);
    if(rc != TPM_RC_SUCCESS)
    {
        return rc;
    }

    // Prepare the output credential data from the secret; the value written
    // into 'seed' above is handed over as a TPM2B_SEED.
    // NOTE(review): 'seed' is a stack local that is passed on as seed material
    // and is not cleared on any return path of this function -- confirm whether
    // it is scrubbed elsewhere.
    SecretToCredential(&in->credential, &in->objectName, (TPM2B_SEED *) &seed,
                       in->handle, &out->credentialBlob);

    return TPM_RC_SUCCESS;
}