/* SPDX-License-Identifier: BSD-2-Clause */
/*******************************************************************************
* Copyright 2018-2019, Fraunhofer SIT sponsored by Infineon Technologies AG
* All rights reserved.
******************************************************************************/
#ifndef IFAPI_POLICY_TYPES_H
#define IFAPI_POLICY_TYPES_H
#include "tss2_tpm2_types.h"
/** Discriminator stored in TPMT_POLICYELEMENT.type that selects the active member
 *  of TPMU_POLICYELEMENT. The POLICY* macros below are the only defined values;
 *  each (except POLICYELEMENTS) names one union member. Code that reads a
 *  TPMT_POLICYELEMENT must check the type against this list before touching the
 *  element payload, since a value outside it selects no member at all.
 */
typedef UINT32 TPMI_POLICYTYPE;
#define POLICYELEMENTS 0 /**< Not a leaf element; presumably denotes a TPML_POLICYELEMENTS list — confirm against the parser */
#define POLICYOR 1 /**< TPMU_POLICYELEMENT.PolicyOr */
#define POLICYSIGNED 2 /**< TPMU_POLICYELEMENT.PolicySigned */
#define POLICYSECRET 3 /**< TPMU_POLICYELEMENT.PolicySecret */
#define POLICYPCR 4 /**< TPMU_POLICYELEMENT.PolicyPCR */
#define POLICYLOCALITY 5 /**< TPMU_POLICYELEMENT.PolicyLocality */
#define POLICYNV 6 /**< TPMU_POLICYELEMENT.PolicyNV */
#define POLICYCOUNTERTIMER 7 /**< TPMU_POLICYELEMENT.PolicyCounterTimer */
#define POLICYCOMMANDCODE 8 /**< TPMU_POLICYELEMENT.PolicyCommandCode */
#define POLICYPHYSICALPRESENCE 9 /**< TPMU_POLICYELEMENT.PolicyPhysicalPresence */
#define POLICYCPHASH 10 /**< TPMU_POLICYELEMENT.PolicyCpHash */
#define POLICYNAMEHASH 11 /**< TPMU_POLICYELEMENT.PolicyNameHash */
#define POLICYDUPLICATIONSELECT 12 /**< TPMU_POLICYELEMENT.PolicyDuplicationSelect */
#define POLICYAUTHORIZE 13 /**< TPMU_POLICYELEMENT.PolicyAuthorize */
#define POLICYAUTHVALUE 14 /**< TPMU_POLICYELEMENT.PolicyAuthValue */
#define POLICYPASSWORD 15 /**< TPMU_POLICYELEMENT.PolicyPassword */
#define POLICYNVWRITTEN 16 /**< TPMU_POLICYELEMENT.PolicyNvWritten */
#define POLICYTEMPLATE 17 /**< TPMU_POLICYELEMENT.PolicyTemplate */
#define POLICYAUTHORIZENV 18 /**< TPMU_POLICYELEMENT.PolicyAuthorizeNv */
#define POLICYACTION 19 /**< TPMU_POLICYELEMENT.PolicyAction */
/** Policy type TPMS_POLICYSIGNED
 *
 *  Parameters of a PolicySigned element. Several fields are filled in by the
 *  FAPI at runtime rather than by the policy author (see the per-field notes).
 *  The char * members are plain pointers; this header does not state who owns
 *  or frees them — check the allocating code before storing or releasing them.
 */
typedef struct {
TPM2B_NONCE nonceTPM; /**< Value returned by TPM2_StartAuthSession. */
TPM2B_DIGEST cpHashA; /**< Generated automatically by the FAPI. */
TPM2B_NONCE policyRef; /**< Default is zero-length. */
INT32 expiration; /**< Set to -1 by the FAPI. */
TPMT_SIGNATURE auth; /**< Generated at runtime via a callback. */
TPM2B_NAME publicKey; /**< Generated automatically from keyPath / keyPublic. */
char *publicKeyHint; /**< Human-readable hint denoting which public key to use. */
char *keyPath; /**< Reference to a key inside the FAPI keystore. */
TPMT_PUBLIC keyPublic; /**< Public area used (with keyPath) to derive publicKey. */
char *keyPEM; /**< PEM key; the TPM2B_NAME in publicKey is constructed via a TPMT_PUBLIC built from it. */
TPMI_ALG_HASH keyPEMhashAlg; /**< (optional) Hash algorithm used with keyPEM; default = SHA256. */
TPMT_SIGNATURE signature_tpm; /**< Undocumented in the original; relation to auth not established here — TODO confirm. */
} TPMS_POLICYSIGNED;
/** Policy type TPMS_POLICYSECRET
 *
 *  Parameters of a PolicySecret element. nonceTPM, cpHashA and expiration mirror
 *  the fields of TPMS_POLICYSIGNED; objectPath/objectName identify the object
 *  whose authorization the policy is bound to. Ownership of objectPath is not
 *  specified in this header.
 */
typedef struct {
TPM2B_NONCE nonceTPM; /**< Session nonce; see TPMS_POLICYSIGNED.nonceTPM. */
TPM2B_DIGEST cpHashA; /**< Command parameter hash; see TPMS_POLICYSIGNED.cpHashA. */
TPM2B_NONCE policyRef; /**< Default is zero length. */
INT32 expiration; /**< Expiration in the same units as TPMS_POLICYSIGNED.expiration. */
char *objectPath; /**< Path of the object. */
TPM2B_NAME objectName; /**< Public name of the object. */
} TPMS_POLICYSECRET;
/** Policy type TPMS_POLICYLOCALITY
 *
 *  Parameters of a PolicyLocality element.
 */
typedef struct {
TPMA_LOCALITY locality; /**< Locality attribute bits the policy requires. */
} TPMS_POLICYLOCALITY;
/** Policy type TPMS_POLICYNV
 *
 *  Parameters of a PolicyNV element. operandB, offset and operation presumably
 *  correspond to the TPM2_PolicyNV command parameters of the same name —
 *  confirm against the caller. Ownership of nvPath is not specified here.
 */
typedef struct {
char *nvPath; /**< Path of the NV index in the FAPI keystore. */
TPMI_RH_NV_INDEX nvIndex; /**< Handle of the NV index. */
TPM2B_NV_PUBLIC nvPublic; /**< Public area of the NV index. */
TPMI_RH_NV_AUTH authHandle; /**< Determined by the FAPI at runtime. */
TPM2B_OPERAND operandB; /**< Operand the NV contents are compared against. */
UINT16 offset; /**< Default value is 0. */
TPM2_EO operation; /**< Comparison operator; default value is EQUAL. */
} TPMS_POLICYNV;
/** Policy type TPMS_POLICYCOUNTERTIMER
 *
 *  Parameters of a PolicyCounterTimer element; same operand/offset/operation
 *  triple as TPMS_POLICYNV.
 */
typedef struct {
TPM2B_OPERAND operandB; /**< Operand the counter/timer value is compared against. */
UINT16 offset; /**< Default is 0. */
TPM2_EO operation; /**< Comparison operator. */
} TPMS_POLICYCOUNTERTIMER;
/** Policy type TPMS_POLICYCOMMANDCODE
 *
 *  Parameters of a PolicyCommandCode element.
 */
typedef struct {
TPM2_CC code; /**< Command code the policy restricts the object to. */
} TPMS_POLICYCOMMANDCODE;
/** Policy type TPMS_POLICYPHYSICALPRESENCE
 *
 *  PolicyPhysicalPresence carries no parameters. Note that an empty struct is a
 *  GNU extension (sizeof 0), not standard C; -pedantic builds will warn.
 */
typedef struct {
} TPMS_POLICYPHYSICALPRESENCE;
/** Policy type TPMS_POLICYCPHASH
 *
 *  Parameters of a PolicyCpHash element.
 */
typedef struct {
TPM2B_DIGEST cpHash; /**< Command parameter hash the policy binds to. */
} TPMS_POLICYCPHASH;
/** Policy type TPMS_POLICYNAMEHASH
 *
 *  Parameters of a PolicyNameHash element. objectNames and namePaths are
 *  fixed-size arrays of 3, so count must never exceed 3 — callers that fill
 *  these from external (e.g. JSON) input must enforce that bound themselves;
 *  the struct carries no check. Ownership of the namePaths strings is not
 *  specified here.
 */
typedef struct {
UINT32 count; /**< Number of valid entries in objectNames/namePaths (at most 3); computed during instantiation. */
UINT32 i; /**< Temporary index for policy calculation; scratch state, not a policy parameter. */
TPM2B_NAME objectNames[3]; /**< Computed during instantiation (if not initialized). */
char *namePaths[3]; /**< Paths of the objects used for retrieving the names. */
TPM2B_DIGEST nameHash; /**< Computed during policy calculation. */
} TPMS_POLICYNAMEHASH;
/** Policy type TPMS_POLICYDUPLICATIONSELECT
 *
 *  Parameters of a PolicyDuplicationSelect element. Only the new parent is
 *  selected; objectName is unused because includeObject is always NO.
 *  Ownership of newParentPath is not specified here.
 */
typedef struct {
TPM2B_NAME objectName; /**< Not used (see includeObject). */
TPM2B_NAME newParentName; /**< Calculated automatically. */
TPMI_YES_NO includeObject; /**< Always NO. */
char *newParentPath; /**< Path of the new parent in the FAPI keystore. */
TPM2B_PUBLIC newParentPublic; /**< Public area of the new parent. */
} TPMS_POLICYDUPLICATIONSELECT;
/** Policy type TPMS_POLICYAUTHORIZATION
 *
 *  One signed authorization of a policy, as referenced from TPMS_POLICYAUTHORIZE
 *  and collected in TPML_POLICYAUTHORIZATIONS. Ownership of type is not
 *  specified here.
 */
typedef struct {
char *type; /**< Authorization type string; the original documents the value "tpm". */
TPMT_PUBLIC key; /**< Public key; selects the algorithm used for the signature. */
TPM2B_NONCE policyRef; /**< Policy reference covered by the signature. */
TPMT_SIGNATURE signature; /**< Signature over the authorized policy. */
} TPMS_POLICYAUTHORIZATION;
/** Opaque list node used by TPMS_POLICYAUTHORIZE.policy_list; struct policy_object_node is defined elsewhere. */
typedef struct policy_object_node POLICY_OBJECT;
/** Policy type TPMS_POLICYAUTHORIZE
 *
 *  Parameters of a PolicyAuthorize element. keyName is derived from
 *  keyPath / keyPublic / keyPEM rather than read from JSON. The pointer members
 *  (keyPath, keyPEM, policy_list, authorization) have no ownership documented
 *  in this header; check the allocating code before freeing them.
 */
typedef struct {
TPM2B_DIGEST approvedPolicy; /**< Digest of the policy that is being authorized. */
TPM2B_NONCE policyRef; /**< Policy reference covered by the authorization. */
TPM2B_NAME keyName; /**< Not exposed in JSON; generated from keyPath, keyPublic or keyPEM. */
TPMT_TK_VERIFIED checkTicket; /**< Verification ticket for the authorization signature. */
char *keyPath; /**< Reference to a key inside the FAPI keystore. */
TPMT_PUBLIC keyPublic; /**< Public area of the authorizing key. */
char *keyPEM; /**< PEM key; the TPM2B_NAME in keyName is constructed from it. */
TPMI_ALG_HASH keyPEMhashAlg; /**< (optional) Hash algorithm used with keyPEM; default = SHA256. */
POLICY_OBJECT *policy_list; /**< Undocumented in the original; list of policy objects — TODO confirm contents. */
TPMS_POLICYAUTHORIZATION *authorization; /**< Undocumented in the original; presumably the selected authorization — TODO confirm. */
TPMT_SIGNATURE signature; /**< Undocumented in the original; TODO confirm relation to authorization->signature. */
} TPMS_POLICYAUTHORIZE;
/** Policy type TPMS_POLICYAUTHVALUE
 *
 *  PolicyAuthValue carries no parameters. Empty struct is a GNU extension
 *  (sizeof 0), not standard C.
 */
typedef struct {
} TPMS_POLICYAUTHVALUE;
/** Policy type TPMS_POLICYPASSWORD
 *
 *  PolicyPassword carries no parameters. Empty struct is a GNU extension
 *  (sizeof 0), not standard C.
 */
typedef struct {
} TPMS_POLICYPASSWORD;
/** Policy type TPMS_POLICYNVWRITTEN
 *
 *  Parameters of a PolicyNvWritten element.
 */
typedef struct {
TPMI_YES_NO writtenSet; /**< Required written state of the NV index; default is yes. */
} TPMS_POLICYNVWRITTEN;
/** Policy type TPMS_POLICYTEMPLATE
 *
 *  Parameters of a PolicyTemplate element. Ownership of templateName is not
 *  specified here.
 */
typedef struct {
TPM2B_DIGEST templateHash; /**< Hash of the template the policy binds to. */
TPM2B_PUBLIC templatePublic; /**< Public area the template hash is derived from. */
char *templateName; /**< Name of the template. */
} TPMS_POLICYTEMPLATE;
/** Policy type TPMS_POLICYAUTHORIZENV
 *
 *  Parameters of a PolicyAuthorizeNV element. nvPath and policy_buffer are
 *  plain pointers with no ownership or length documented in this header;
 *  policy_buffer in particular carries no size field, so its bound must come
 *  from the code that fills it — confirm before reading it.
 */
typedef struct {
char *nvPath; /**< Path of the NV index in the FAPI keystore. */
TPM2B_NV_PUBLIC nvPublic; /**< Public area of the NV index. */
TPM2B_DIGEST policy; /**< Policy digest. */
TPMT_HA nv_policy; /**< Policy stored in NV RAM. */
uint8_t *policy_buffer; /**< Undocumented in the original; raw policy bytes, length not recorded here — TODO confirm. */
} TPMS_POLICYAUTHORIZENV;
/** Policy type TPMS_POLICYACTION
 *
 *  Parameters of a PolicyAction element. Ownership of action is not specified
 *  here.
 */
typedef struct {
char *action; /**< The FAPI returns a string representation of the JSON sub-object for this action. */
} TPMS_POLICYACTION;
/** Policy type TPMS_PCRVALUE
 *
 *  One PCR value as used by TPML_PCRVALUES. digest is a union, so hashAlg must
 *  be read first to know how many bytes of digest are meaningful.
 */
typedef struct {
UINT32 pcr; /**< PCR index. */
TPM2_ALG_ID hashAlg; /**< Hash algorithm selecting the active member of digest. */
TPMU_HA digest; /**< PCR digest, interpreted according to hashAlg. */
} TPMS_PCRVALUE;
/** Policy type TPML_PCRVALUES
 *
 *  Variable-length list of PCR values (flexible array member). count is the
 *  only bound on pcrs; it must match the number of elements actually allocated,
 *  and readers must not index beyond it.
 */
typedef struct TPML_PCRVALUES {
UINT32 count; /**< Number of valid entries in pcrs. */
TPMS_PCRVALUE pcrs[]; /**< Array of pcr values; count elements follow the header. */
} TPML_PCRVALUES;
/** Policy type TPMS_POLICYPCR
 *
 *  Parameters of a PolicyPCR element. pcrs is a pointer to a separately
 *  allocated TPML_PCRVALUES; ownership is not specified in this header.
 */
typedef struct {
struct TPML_PCRVALUES *pcrs; /**< Expected PCR values; may be allocated separately. */
TPMS_PCR_SELECT currentPCRs; /**< PCR selection without bank; the hashAlg is inferred. */
TPML_PCR_SELECTION currentPCRandBanks; /**< Complete selection with banks. */
} TPMS_POLICYPCR;
/** Policy type TPML_POLICYAUTHORIZATIONS
 *
 *  Variable-length list of authorizations (flexible array member). count is the
 *  only bound on authorizations and must match the allocated element count.
 */
typedef struct TPML_POLICYAUTHORIZATIONS {
UINT32 count; /**< Number of valid entries in authorizations. */
TPMS_POLICYAUTHORIZATION authorizations[]; /**< Array of authorizations; count elements follow the header. */
} TPML_POLICYAUTHORIZATIONS;
/** Forward declaration: TPMS_POLICYBRANCH refers to the element list before it is defined below. */
typedef struct TPML_POLICYELEMENTS TPML_POLICYELEMENTS;
/** Policy type TPMS_POLICYBRANCH
 *
 *  One branch of a PolicyOR: a named, separately digested element list.
 *  name, description and policy are plain pointers; ownership is not
 *  specified in this header.
 */
typedef struct {
char *name; /**< Branch name. */
char *description; /**< Human-readable description of the branch. */
TPML_DIGEST_VALUES policyDigests; /**< Digests of this branch's policy, one per hash algorithm. */
struct TPML_POLICYELEMENTS *policy; /**< Array of policy elements making up the branch. */
} TPMS_POLICYBRANCH;
/** Policy type TPML_POLICYBRANCHES
 *
 *  Variable-length list of branches (flexible array member). Despite its name,
 *  the array member holds TPMS_POLICYBRANCH entries, not authorizations. count
 *  is the only bound and must match the allocated element count.
 */
typedef struct TPML_POLICYBRANCHES {
UINT32 count; /**< Number of valid entries in authorizations. */
TPMS_POLICYBRANCH authorizations[]; /**< Array of branches (misnamed); count elements follow the header. */
} TPML_POLICYBRANCHES;
/** Policy type TPMS_POLICYOR
 *
 *  Parameters of a PolicyOR element. branches points to a separately allocated
 *  TPML_POLICYBRANCHES; ownership is not specified in this header.
 */
typedef struct {
struct TPML_POLICYBRANCHES *branches; /**< Variable-length array of alternative branches (the original calls it "infinite"). */
} TPMS_POLICYOR;
/** Union of all policy element payloads.
 *
 *  The active member is selected by the enclosing TPMT_POLICYELEMENT.type using
 *  the POLICY* values (POLICYOR -> PolicyOr, POLICYSIGNED -> PolicySigned, and
 *  so on). Reading a member other than the one matching type yields garbage.
 */
typedef union {
TPMS_POLICYOR PolicyOr; /**< type == POLICYOR */
TPMS_POLICYSIGNED PolicySigned; /**< type == POLICYSIGNED */
TPMS_POLICYSECRET PolicySecret; /**< type == POLICYSECRET */
TPMS_POLICYPCR PolicyPCR; /**< type == POLICYPCR */
TPMS_POLICYLOCALITY PolicyLocality; /**< type == POLICYLOCALITY */
TPMS_POLICYNV PolicyNV; /**< type == POLICYNV */
TPMS_POLICYCOUNTERTIMER PolicyCounterTimer; /**< type == POLICYCOUNTERTIMER */
TPMS_POLICYCOMMANDCODE PolicyCommandCode; /**< type == POLICYCOMMANDCODE */
TPMS_POLICYPHYSICALPRESENCE PolicyPhysicalPresence; /**< type == POLICYPHYSICALPRESENCE */
TPMS_POLICYCPHASH PolicyCpHash; /**< type == POLICYCPHASH */
TPMS_POLICYNAMEHASH PolicyNameHash; /**< type == POLICYNAMEHASH */
TPMS_POLICYDUPLICATIONSELECT PolicyDuplicationSelect; /**< type == POLICYDUPLICATIONSELECT */
TPMS_POLICYAUTHORIZE PolicyAuthorize; /**< type == POLICYAUTHORIZE */
TPMS_POLICYAUTHVALUE PolicyAuthValue; /**< type == POLICYAUTHVALUE */
TPMS_POLICYPASSWORD PolicyPassword; /**< type == POLICYPASSWORD */
TPMS_POLICYNVWRITTEN PolicyNvWritten; /**< type == POLICYNVWRITTEN */
TPMS_POLICYTEMPLATE PolicyTemplate; /**< type == POLICYTEMPLATE */
TPMS_POLICYAUTHORIZENV PolicyAuthorizeNv; /**< type == POLICYAUTHORIZENV */
TPMS_POLICYACTION PolicyAction; /**< type == POLICYACTION */
} TPMU_POLICYELEMENT;
/** Policy type TPMT_POLICYELEMENT
 *
 *  Tagged policy element: type selects which member of element is valid.
 *  Code that consumes elements from an untrusted source must validate type
 *  against the POLICY* list before dereferencing anything inside element.
 */
typedef struct {
TPMI_POLICYTYPE type; /**< Element type; one of the POLICY* values. */
TPML_DIGEST_VALUES policyDigests; /**< Digests of this element, one per hash algorithm. */
TPMU_POLICYELEMENT element; /**< Payload; the union member selected by type. */
} TPMT_POLICYELEMENT;
/** Policy type TPML_POLICYELEMENTS
 *
 *  Variable-length list of policy elements (flexible array member); definition
 *  of the struct forward-declared above. count is the only bound on elements
 *  and must match the allocated element count.
 */
struct TPML_POLICYELEMENTS {
UINT32 count; /**< Number of valid entries in elements. */
TPMT_POLICYELEMENT elements[]; /**< Array of policy elements; count elements follow the header. */
};
/** Policy type TPMS_POLICY
 *
 *  Top-level policy object. The original marks fields "O" or "X"; presumably
 *  optional versus mandatory in the JSON form — confirm against the parser.
 *  The pointer members have no ownership documented in this header.
 */
typedef struct TPMS_POLICY {
char *description; /**< O — human-readable description. */
TPML_DIGEST_VALUES policyDigests; /**< O — digests of the whole policy, one per hash algorithm. */
struct TPML_POLICYAUTHORIZATIONS *policyAuthorizations; /**< O — signed authorizations of this policy. */
struct TPML_POLICYELEMENTS *policy; /**< X — the policy element list. */
} TPMS_POLICY;
#endif /* IFAPI_POLICY_TYPES_H */