函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\keys\trusted-keys\trusted_tpm1.c Create Date:2022-07-27 20:04:27
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:verify the AUTH2_COMMAND (unseal) result from TPM

函数原型:static int TSS_checkhmac2(unsigned char *buffer, const uint32_t command, const unsigned char *ononce, const unsigned char *key1, unsigned int keylen1, const unsigned char *key2, unsigned int keylen2, ...)

返回类型:int

参数:

类型参数名称
unsigned char *buffer
const uint32_tcommand
const unsigned char *ononce
const unsigned char *key1
unsigned intkeylen1
const unsigned char *key2
unsigned intkeylen2
289  bufsize等于LOAD32(buffer, TPM_SIZE_OFFSET)
290  tag等于LOAD16(buffer, 0)
291  ordinal等于command
292  result等于LOAD32N(buffer, TPM_RETURN_OFFSET)
294  如果tag恒等于TPM_TAG_RSP_COMMAND则返回:0
296  如果tag不等于TPM_TAG_RSP_AUTH2_COMMAND则返回:负EINVAL
298  authdata1等于bufferbufsizeSHA1_DIGEST_SIZE加1加SHA1_DIGEST_SIZESHA1_DIGEST_SIZE
300  authdata2等于bufferbufsizeSHA1_DIGEST_SIZE
301  continueflag1等于authdata1减1
302  continueflag2等于authdata2减1
303  enonce1等于continueflag1TPM_NONCE_SIZE
304  enonce2等于continueflag2TPM_NONCE_SIZE
306  sdesc等于init_sdesc(hashalg)
307  如果是错误
308  打印信息("trusted_key: can't alloc %s\n", hash_alg)
309  返回:错误
311  ret等于rypto_shash_init() - (re)initialize message digest*@desc: operational state handle that is already filled* The call (re-)initializes the message digest referenced by the* operational state handle. Any potentially existing state created by
312  如果ret小于0则转到:out
314  ret等于rypto_shash_update() - add data to message digest for processing*@desc: operational state handle that is already initialized*@data: input data to be added to the message digest*@len: length of the input data
316  如果ret小于0则转到:out
318  ret等于rypto_shash_update() - add data to message digest for processing*@desc: operational state handle that is already initialized*@data: input data to be added to the message digest*@len: length of the input data
320  如果ret小于0则转到:out
323  va_start(argp, keylen2)
324  循环
325  dlen等于va_arg(argp, unsignedint)
326  如果dlen恒等于0则退出
328  dpos等于va_arg(argp, unsignedint)
329  ret等于rypto_shash_update() - add data to message digest for processing*@desc: operational state handle that is already initialized*@data: input data to be added to the message digest*@len: length of the input data
330  如果ret小于0则退出
333  va_end(argp)
334  如果非retret等于rypto_shash_final() - calculate message digest*@desc: operational state handle that is already filled with data*@out: output buffer filled with the message digest* Finalize the message digest operation and create the message digest
336  如果ret小于0则转到:out
339  ret等于TSS_rawhmac(testhmac1, key1, keylen1, SHA1_DIGEST_SIZE, paramdigest, TPM_NONCE_SIZE, enonce1, TPM_NONCE_SIZE, ononce, 1, continueflag1, 0, 0)
342  如果ret小于0则转到:out
344  如果内存比较
345  ret等于负EINVAL
346  转到:out
348  ret等于TSS_rawhmac(testhmac2, key2, keylen2, SHA1_DIGEST_SIZE, paramdigest, TPM_NONCE_SIZE, enonce2, TPM_NONCE_SIZE, ononce, 1, continueflag2, 0, 0)
351  如果ret小于0则转到:out
353  如果内存比较ret等于负EINVAL
355  out :
356  kzfree - like kfree but zero memory*@p: object to free memory of* The memory of the object @p points to is zeroed before freed.* If @p is %NULL, kzfree() does nothing.* Note: this function zeroes the whole allocated buffer which can be a good
357  返回:ret
调用者
名称描述
tpm_unsealse the AUTH2_COMMAND form of unseal, to authorize both key and blob