#2063

Committed 11 Feb 2026 02:58PM UTC coverage: 77.18% (-0.02%) from 77.195%

Build # #2063

Build Type

push

travis-ci

Committed by

web-flow

Commit Message

Merge c175b6f1e into c2a8109f8

Run Details

1174 of 1370 new or added lines in 95 files covered. (85.69%)

2190 existing lines in 89 files now uncovered.

36347 of 47094 relevant lines covered (77.18%)

125164.35 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

97.67

/src/tpm2/DuplicationCommands.c

/********************************************************************************/
/*                                                                                */
/*                            Duplication Commands                                 */
/*                             Written by Ken Goldman                                */
/*                       IBM Thomas J. Watson Research Center                        */
/*            $Id: DuplicationCommands.c 1490 2019-07-26 21:13:22Z kgoldman $        */
/*                                                                                */
/*  Licenses and Notices                                                        */
/*                                                                                */
/*  1. Copyright Licenses:                                                        */
/*                                                                                */
/*  - Trusted Computing Group (TCG) grants to the user of the source code in        */
/*    this specification (the "Source Code") a worldwide, irrevocable,                 */
/*    nonexclusive, royalty free, copyright license to reproduce, create         */
/*    derivative works, distribute, display and perform the Source Code and        */
/*    derivative works thereof, and to grant others the rights granted herein.        */
/*                                                                                */
/*  - The TCG grants to the user of the other parts of the specification         */
/*    (other than the Source Code) the rights to reproduce, distribute,         */
/*    display, and perform the specification solely for the purpose of                 */
/*    developing products based on such documents.                                */
/*                                                                                */
/*  2. Source Code Distribution Conditions:                                        */
/*                                                                                */
/*  - Redistributions of Source Code must retain the above copyright licenses,         */
/*    this list of conditions and the following disclaimers.                        */
/*                                                                                */
/*  - Redistributions in binary form must reproduce the above copyright         */
/*    licenses, this list of conditions        and the following disclaimers in the         */
/*    documentation and/or other materials provided with the distribution.        */
/*                                                                                */
/*  3. Disclaimers:                                                                */
/*                                                                                */
/*  - THE COPYRIGHT LICENSES SET FORTH ABOVE DO NOT REPRESENT ANY FORM OF        */
/*  LICENSE OR WAIVER, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, WITH        */
/*  RESPECT TO PATENT RIGHTS HELD BY TCG MEMBERS (OR OTHER THIRD PARTIES)        */
/*  THAT MAY BE NECESSARY TO IMPLEMENT THIS SPECIFICATION OR OTHERWISE.                */
/*  Contact TCG Administration (admin@trustedcomputinggroup.org) for                 */
/*  information on specification licensing rights available through TCG         */
/*  membership agreements.                                                        */
/*                                                                                */
/*  - THIS SPECIFICATION IS PROVIDED "AS IS" WITH NO EXPRESS OR IMPLIED         */
/*    WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY OR         */
/*    FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, COMPLETENESS, OR                 */
/*    NONINFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS, OR ANY WARRANTY                 */
/*    OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE.                */
/*                                                                                */
/*  - Without limitation, TCG and its members and licensors disclaim all         */
/*    liability, including liability for infringement of any proprietary         */
/*    rights, relating to use of information in this specification and to the        */
/*    implementation of this specification, and TCG disclaims all liability for        */
/*    cost of procurement of substitute goods or services, lost profits, loss         */
/*    of use, loss of data or any incidental, consequential, direct, indirect,         */
/*    or special damages, whether under contract, tort, warranty or otherwise,         */
/*    arising in any way out of use or reliance upon this specification or any         */
/*    information herein.                                                        */
/*                                                                                */
/*  (c) Copyright IBM Corp. and others, 2016 - 2021                                */
/*                                                                                */
/********************************************************************************/

#include "Tpm.h"
#include "Rewrap_fp.h"
#if CC_Rewrap  // Conditional expansion of this file
#include "Object_spt_fp.h"
TPM_RC
TPM2_Rewrap(
            Rewrap_In       *in,            // IN: input parameter list
            Rewrap_Out      *out            // OUT: output parameter list
            )
{
    TPM_RC                  result = TPM_RC_SUCCESS;
    TPM2B_DATA              data;               // symmetric key
    UINT16                  hashSize = 0;
    TPM2B_PRIVATE           privateBlob;        // A temporary private blob
    // to transit between old
    // and new wrappers
    // Input Validation
    if((in->inSymSeed.t.size == 0 && in->oldParent != TPM_RH_NULL)
       || (in->inSymSeed.t.size != 0 && in->oldParent == TPM_RH_NULL))
        return TPM_RCS_HANDLE + RC_Rewrap_oldParent;
    if(in->oldParent != TPM_RH_NULL)
        {
            OBJECT              *oldParent = HandleToObject(in->oldParent);
            // old parent key must be a storage object
            if(!ObjectIsStorage(in->oldParent))
                return TPM_RCS_TYPE + RC_Rewrap_oldParent;

            pAssert_RC(oldParent != NULL);
            // Decrypt input secret data via asymmetric decryption.  A
            // TPM_RC_VALUE, TPM_RC_KEY or unmarshal errors may be returned at this
            // point
            result = CryptSecretDecrypt(oldParent, NULL, DUPLICATE_STRING,
                                        &in->inSymSeed, &data);
            if(result != TPM_RC_SUCCESS)
                return TPM_RCS_VALUE + RC_Rewrap_inSymSeed;
            // Unwrap Outer
            result = UnwrapOuter(oldParent, &in->name.b,
                                 oldParent->publicArea.nameAlg, &data.b,
                                 FALSE,
                                 in->inDuplicate.t.size, in->inDuplicate.t.buffer);
            if(result != TPM_RC_SUCCESS)
                return RcSafeAddToResult(result, RC_Rewrap_inDuplicate);
            // Copy unwrapped data to temporary variable, remove the integrity field
            hashSize = sizeof(UINT16) +
                       CryptHashGetDigestSize(oldParent->publicArea.nameAlg);
            privateBlob.t.size = in->inDuplicate.t.size - hashSize;
            pAssert_RC(privateBlob.t.size <= sizeof(privateBlob.t.buffer));
            MemoryCopy(privateBlob.t.buffer, in->inDuplicate.t.buffer + hashSize,
                       privateBlob.t.size);
        }
    else
        {
            // No outer wrap from input blob.  Direct copy.
            privateBlob = in->inDuplicate;
        }
    if(in->newParent != TPM_RH_NULL)
        {
            OBJECT          *newParent;
            newParent = HandleToObject(in->newParent);

            // New parent must be a storage object
            if(!ObjectIsStorage(in->newParent))
                return TPM_RCS_TYPE + RC_Rewrap_newParent;

            pAssert_RC(newParent != NULL);

            // Make new encrypt key and its associated secret structure.  A
            // TPM_RC_VALUE error may be returned at this point if RSA algorithm is
            // enabled in TPM
            out->outSymSeed.t.size = sizeof(out->outSymSeed.t.secret);
            result = CryptSecretEncrypt(newParent, DUPLICATE_STRING, &data,
                                        &out->outSymSeed);
            if(result != TPM_RC_SUCCESS)
                return result;
            // Copy temporary variable to output, reserve the space for integrity
            hashSize = sizeof(UINT16) +
                       CryptHashGetDigestSize(newParent->publicArea.nameAlg);
            // Make sure that everything fits into the output buffer
            // Note: this is mostly only an issue if there was no outer wrapper on
            // 'inDuplicate'. It could be as large as a TPM2B_PRIVATE buffer. If we add
            // a digest for an outer wrapper, it won't fit anymore.
            if((size_t)(privateBlob.t.size + hashSize) > sizeof(out->outDuplicate.t.buffer))
                return TPM_RCS_VALUE + RC_Rewrap_inDuplicate;
            // Command output
            out->outDuplicate.t.size = privateBlob.t.size;
            pAssert(privateBlob.t.size
                    <= sizeof(out->outDuplicate.t.buffer) - hashSize);
            MemoryCopy(out->outDuplicate.t.buffer + hashSize, privateBlob.t.buffer,
                       privateBlob.t.size);
            // Produce outer wrapper for output
            out->outDuplicate.t.size = ProduceOuterWrap(newParent, &in->name.b,
                                                        newParent->publicArea.nameAlg,
                                                        &data.b,
                                                        FALSE,
                                                        out->outDuplicate.t.size,
                                                        out->outDuplicate.t.buffer);
        }
    else  // New parent is a null key so there is no seed
        {
            out->outSymSeed.t.size = 0;
            // Copy privateBlob directly
            out->outDuplicate = privateBlob;
        }
    return TPM_RC_SUCCESS;
}
#endif // CC_Rewrap

1	/********************************************************************************/
2	/* */
3	/* Duplication Commands */
4	/* Written by Ken Goldman */
5	/* IBM Thomas J. Watson Research Center */
6	/* $Id: DuplicationCommands.c 1490 2019-07-26 21:13:22Z kgoldman $ */
7	/* */
8	/* Licenses and Notices */
9	/* */
10	/* 1. Copyright Licenses: */
11	/* */
12	/* - Trusted Computing Group (TCG) grants to the user of the source code in */
13	/* this specification (the "Source Code") a worldwide, irrevocable, */
14	/* nonexclusive, royalty free, copyright license to reproduce, create */
15	/* derivative works, distribute, display and perform the Source Code and */
16	/* derivative works thereof, and to grant others the rights granted herein. */
17	/* */
18	/* - The TCG grants to the user of the other parts of the specification */
19	/* (other than the Source Code) the rights to reproduce, distribute, */
20	/* display, and perform the specification solely for the purpose of */
21	/* developing products based on such documents. */
22	/* */
23	/* 2. Source Code Distribution Conditions: */
24	/* */
25	/* - Redistributions of Source Code must retain the above copyright licenses, */
26	/* this list of conditions and the following disclaimers. */
27	/* */
28	/* - Redistributions in binary form must reproduce the above copyright */
29	/* licenses, this list of conditions and the following disclaimers in the */
30	/* documentation and/or other materials provided with the distribution. */
31	/* */
32	/* 3. Disclaimers: */
33	/* */
34	/* - THE COPYRIGHT LICENSES SET FORTH ABOVE DO NOT REPRESENT ANY FORM OF */
35	/* LICENSE OR WAIVER, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, WITH */
36	/* RESPECT TO PATENT RIGHTS HELD BY TCG MEMBERS (OR OTHER THIRD PARTIES) */
37	/* THAT MAY BE NECESSARY TO IMPLEMENT THIS SPECIFICATION OR OTHERWISE. */
38	/* Contact TCG Administration (admin@trustedcomputinggroup.org) for */
39	/* information on specification licensing rights available through TCG */
40	/* membership agreements. */
41	/* */
42	/* - THIS SPECIFICATION IS PROVIDED "AS IS" WITH NO EXPRESS OR IMPLIED */
43	/* WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY OR */
44	/* FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, COMPLETENESS, OR */
45	/* NONINFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS, OR ANY WARRANTY */
46	/* OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE. */
47	/* */
48	/* - Without limitation, TCG and its members and licensors disclaim all */
49	/* liability, including liability for infringement of any proprietary */
50	/* rights, relating to use of information in this specification and to the */
51	/* implementation of this specification, and TCG disclaims all liability for */
52	/* cost of procurement of substitute goods or services, lost profits, loss */
53	/* of use, loss of data or any incidental, consequential, direct, indirect, */
54	/* or special damages, whether under contract, tort, warranty or otherwise, */
55	/* arising in any way out of use or reliance upon this specification or any */
56	/* information herein. */
57	/* */
58	/* (c) Copyright IBM Corp. and others, 2016 - 2021 */
59	/* */
60	/********************************************************************************/
61
62	#include "Tpm.h"
63	#include "Rewrap_fp.h"
64	#if CC_Rewrap // Conditional expansion of this file
65	#include "Object_spt_fp.h"
66	TPM_RC
67	TPM2_Rewrap(	17✔
68	Rewrap_In *in, // IN: input parameter list
69	Rewrap_Out *out // OUT: output parameter list
70	)
71	{
72	TPM_RC result = TPM_RC_SUCCESS;	17✔
73	TPM2B_DATA data; // symmetric key	17✔
74	UINT16 hashSize = 0;	17✔
75	TPM2B_PRIVATE privateBlob; // A temporary private blob	17✔
76	// to transit between old
77	// and new wrappers
78	// Input Validation
79	if((in->inSymSeed.t.size == 0 && in->oldParent != TPM_RH_NULL)	17✔
80	\|\| (in->inSymSeed.t.size != 0 && in->oldParent == TPM_RH_NULL))	17✔
81	return TPM_RCS_HANDLE + RC_Rewrap_oldParent;
82	if(in->oldParent != TPM_RH_NULL)	13✔
83	{
84	OBJECT *oldParent = HandleToObject(in->oldParent);	1✔
85	// old parent key must be a storage object
86	if(!ObjectIsStorage(in->oldParent))	1✔
87	return TPM_RCS_TYPE + RC_Rewrap_oldParent;
88
89	pAssert_RC(oldParent != NULL);	1✔
90	// Decrypt input secret data via asymmetric decryption. A
91	// TPM_RC_VALUE, TPM_RC_KEY or unmarshal errors may be returned at this
92	// point
93	result = CryptSecretDecrypt(oldParent, NULL, DUPLICATE_STRING,	1✔
94	&in->inSymSeed, &data);
95	if(result != TPM_RC_SUCCESS)	1✔
96	return TPM_RCS_VALUE + RC_Rewrap_inSymSeed;
97	// Unwrap Outer
98	result = UnwrapOuter(oldParent, &in->name.b,	2✔
99	oldParent->publicArea.nameAlg, &data.b,	1✔
100	FALSE,
101	in->inDuplicate.t.size, in->inDuplicate.t.buffer);	1✔
102	if(result != TPM_RC_SUCCESS)	1✔
UNCOV 103	return RcSafeAddToResult(result, RC_Rewrap_inDuplicate);	×
104	// Copy unwrapped data to temporary variable, remove the integrity field
105	hashSize = sizeof(UINT16) +	2✔
106	CryptHashGetDigestSize(oldParent->publicArea.nameAlg);	1✔
107	privateBlob.t.size = in->inDuplicate.t.size - hashSize;	1✔
108	pAssert_RC(privateBlob.t.size <= sizeof(privateBlob.t.buffer));	1✔
109	MemoryCopy(privateBlob.t.buffer, in->inDuplicate.t.buffer + hashSize,	1✔
110	privateBlob.t.size);
111	}
112	else
113	{
114	// No outer wrap from input blob. Direct copy.
115	privateBlob = in->inDuplicate;	12✔
116	}
117	if(in->newParent != TPM_RH_NULL)	13✔
118	{
119	OBJECT *newParent;	1✔
120	newParent = HandleToObject(in->newParent);	1✔
121
122	// New parent must be a storage object
123	if(!ObjectIsStorage(in->newParent))	1✔
124	return TPM_RCS_TYPE + RC_Rewrap_newParent;
125
126	pAssert_RC(newParent != NULL);	1✔
127
128	// Make new encrypt key and its associated secret structure. A
129	// TPM_RC_VALUE error may be returned at this point if RSA algorithm is
130	// enabled in TPM
131	out->outSymSeed.t.size = sizeof(out->outSymSeed.t.secret);	1✔
132	result = CryptSecretEncrypt(newParent, DUPLICATE_STRING, &data,	1✔
133	&out->outSymSeed);
134	if(result != TPM_RC_SUCCESS)	1✔
135	return result;
136	// Copy temporary variable to output, reserve the space for integrity
137	hashSize = sizeof(UINT16) +	2✔
138	CryptHashGetDigestSize(newParent->publicArea.nameAlg);	1✔
139	// Make sure that everything fits into the output buffer
140	// Note: this is mostly only an issue if there was no outer wrapper on
141	// 'inDuplicate'. It could be as large as a TPM2B_PRIVATE buffer. If we add
142	// a digest for an outer wrapper, it won't fit anymore.
143	if((size_t)(privateBlob.t.size + hashSize) > sizeof(out->outDuplicate.t.buffer))	1✔
144	return TPM_RCS_VALUE + RC_Rewrap_inDuplicate;
145	// Command output
146	out->outDuplicate.t.size = privateBlob.t.size;	1✔
147	pAssert(privateBlob.t.size	1✔
148	<= sizeof(out->outDuplicate.t.buffer) - hashSize);
149	MemoryCopy(out->outDuplicate.t.buffer + hashSize, privateBlob.t.buffer,	1✔
150	privateBlob.t.size);
151	// Produce outer wrapper for output
152	out->outDuplicate.t.size = ProduceOuterWrap(newParent, &in->name.b,	1✔
153	newParent->publicArea.nameAlg,	1✔
154	&data.b,
155	FALSE,
156	out->outDuplicate.t.size,	1✔
157	out->outDuplicate.t.buffer);
158	}
159	else // New parent is a null key so there is no seed
160	{
161	out->outSymSeed.t.size = 0;	12✔
162	// Copy privateBlob directly
163	out->outDuplicate = privateBlob;	12✔
164	}
165	return TPM_RC_SUCCESS;
166	}
167	#endif // CC_Rewrap

stefanberger / libtpms / #2063

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous