Google Git
Sign in
fuchsia / third_party / github.com / tpm2-software / tpm2-tss / refs/heads/upstream/3.0.x / . / src / tss2-sys / api / Tss2_Sys_PolicySigned.c
blob: df1295de064d15c2cf907d1422612b3d216d573a [file] [log] [blame]
/* SPDX-License-Identifier: BSD-2-Clause */
/***********************************************************************;
* Copyright (c) 2015 - 2017, Intel Corporation
* All rights reserved.
***********************************************************************/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "tss2_tpm2_types.h"
#include "tss2_mu.h"
#include "sysapi_util.h"
TSS2_RC Tss2_Sys_PolicySigned_Prepare(
TSS2_SYS_CONTEXT *sysContext,
TPMI_DH_OBJECT authObject,
TPMI_SH_POLICY policySession,
const TPM2B_NONCE *nonceTPM,
const TPM2B_DIGEST *cpHashA,
const TPM2B_NONCE *policyRef,
INT32 expiration,
const TPMT_SIGNATURE *auth)
{
_TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext);
TSS2_RC rval;
if (!ctx || !auth)
return TSS2_SYS_RC_BAD_REFERENCE;
rval = CommonPreparePrologue(ctx, TPM2_CC_PolicySigned);
if (rval)
return rval;
rval = Tss2_MU_UINT32_Marshal(authObject, ctx->cmdBuffer,
ctx->maxCmdSize,
&ctx->nextData);
if (rval)
return rval;
rval = Tss2_MU_UINT32_Marshal(policySession, ctx->cmdBuffer,
ctx->maxCmdSize,
&ctx->nextData);
if (rval)
return rval;
if (!nonceTPM) {
ctx->decryptNull = 1;
rval = Tss2_MU_UINT16_Marshal(0, ctx->cmdBuffer,
ctx->maxCmdSize,
&ctx->nextData);
} else {
rval = Tss2_MU_TPM2B_NONCE_Marshal(nonceTPM, ctx->cmdBuffer,
ctx->maxCmdSize,
&ctx->nextData);
}
if (rval)
return rval;
if (!cpHashA) {
rval = Tss2_MU_UINT16_Marshal(0, ctx->cmdBuffer,
ctx->maxCmdSize,
&ctx->nextData);
} else {
rval = Tss2_MU_TPM2B_DIGEST_Marshal(cpHashA, ctx->cmdBuffer,
ctx->maxCmdSize,
&ctx->nextData);
}
if (rval)
return rval;
if (!policyRef) {
rval = Tss2_MU_UINT16_Marshal(0, ctx->cmdBuffer,
ctx->maxCmdSize,
&ctx->nextData);
} else {
rval = Tss2_MU_TPM2B_NONCE_Marshal(policyRef, ctx->cmdBuffer,
ctx->maxCmdSize,
&ctx->nextData);
}
if (rval)
return rval;
rval = Tss2_MU_UINT32_Marshal(expiration, ctx->cmdBuffer,
ctx->maxCmdSize,
&ctx->nextData);
if (rval)
return rval;
rval = Tss2_MU_TPMT_SIGNATURE_Marshal(auth, ctx->cmdBuffer,
ctx->maxCmdSize,
&ctx->nextData);
if (rval)
return rval;
ctx->decryptAllowed = 1;
ctx->encryptAllowed = 1;
ctx->authAllowed = 1;
return CommonPrepareEpilogue(ctx);
}
TSS2_RC Tss2_Sys_PolicySigned_Complete(
TSS2_SYS_CONTEXT *sysContext,
TPM2B_TIMEOUT *timeout,
TPMT_TK_AUTH *policyTicket)
{
_TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext);
TSS2_RC rval;
if (!ctx)
return TSS2_SYS_RC_BAD_REFERENCE;
rval = CommonComplete(ctx);
if (rval)
return rval;
rval = Tss2_MU_TPM2B_TIMEOUT_Unmarshal(ctx->cmdBuffer,
ctx->maxCmdSize,
&ctx->nextData, timeout);
if (rval)
return rval;
return Tss2_MU_TPMT_TK_AUTH_Unmarshal(ctx->cmdBuffer,
ctx->maxCmdSize,
&ctx->nextData, policyTicket);
}
TSS2_RC Tss2_Sys_PolicySigned(
TSS2_SYS_CONTEXT *sysContext,
TPMI_DH_OBJECT authObject,
TPMI_SH_POLICY policySession,
TSS2L_SYS_AUTH_COMMAND const *cmdAuthsArray,
const TPM2B_NONCE *nonceTPM,
const TPM2B_DIGEST *cpHashA,
const TPM2B_NONCE *policyRef,
INT32 expiration,
const TPMT_SIGNATURE *auth,
TPM2B_TIMEOUT *timeout,
TPMT_TK_AUTH *policyTicket,
TSS2L_SYS_AUTH_RESPONSE *rspAuthsArray)
{
_TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext);
TSS2_RC rval;
if (!auth)
return TSS2_SYS_RC_BAD_REFERENCE;
rval = Tss2_Sys_PolicySigned_Prepare(sysContext, authObject, policySession, nonceTPM, cpHashA, policyRef, expiration, auth);
if (rval)
return rval;
rval = CommonOneCall(ctx, cmdAuthsArray, rspAuthsArray);
if (rval)
return rval;
return Tss2_Sys_PolicySigned_Complete(sysContext, timeout, policyTicket);
}