| /* SPDX-License-Identifier: BSD-2-Clause */ |
| /***********************************************************************; |
| * Copyright (c) 2015 - 2017, Intel Corporation |
| * All rights reserved. |
| ***********************************************************************/ |
| |
| #ifdef HAVE_CONFIG_H |
| #include <config.h> |
| #endif |
| |
| #include "tss2_tpm2_types.h" |
| #include "tss2_mu.h" |
| #include "sysapi_util.h" |
| |
| TSS2_RC Tss2_Sys_PolicySigned_Prepare( |
| TSS2_SYS_CONTEXT *sysContext, |
| TPMI_DH_OBJECT authObject, |
| TPMI_SH_POLICY policySession, |
| const TPM2B_NONCE *nonceTPM, |
| const TPM2B_DIGEST *cpHashA, |
| const TPM2B_NONCE *policyRef, |
| INT32 expiration, |
| const TPMT_SIGNATURE *auth) |
| { |
| _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext); |
| TSS2_RC rval; |
| |
| if (!ctx || !auth) |
| return TSS2_SYS_RC_BAD_REFERENCE; |
| |
| rval = CommonPreparePrologue(ctx, TPM2_CC_PolicySigned); |
| if (rval) |
| return rval; |
| |
| rval = Tss2_MU_UINT32_Marshal(authObject, ctx->cmdBuffer, |
| ctx->maxCmdSize, |
| &ctx->nextData); |
| if (rval) |
| return rval; |
| |
| rval = Tss2_MU_UINT32_Marshal(policySession, ctx->cmdBuffer, |
| ctx->maxCmdSize, |
| &ctx->nextData); |
| if (rval) |
| return rval; |
| |
| if (!nonceTPM) { |
| ctx->decryptNull = 1; |
| |
| rval = Tss2_MU_UINT16_Marshal(0, ctx->cmdBuffer, |
| ctx->maxCmdSize, |
| &ctx->nextData); |
| } else { |
| |
| rval = Tss2_MU_TPM2B_NONCE_Marshal(nonceTPM, ctx->cmdBuffer, |
| ctx->maxCmdSize, |
| &ctx->nextData); |
| } |
| |
| if (rval) |
| return rval; |
| |
| if (!cpHashA) { |
| rval = Tss2_MU_UINT16_Marshal(0, ctx->cmdBuffer, |
| ctx->maxCmdSize, |
| &ctx->nextData); |
| |
| } else { |
| |
| rval = Tss2_MU_TPM2B_DIGEST_Marshal(cpHashA, ctx->cmdBuffer, |
| ctx->maxCmdSize, |
| &ctx->nextData); |
| } |
| |
| if (rval) |
| return rval; |
| |
| if (!policyRef) { |
| rval = Tss2_MU_UINT16_Marshal(0, ctx->cmdBuffer, |
| ctx->maxCmdSize, |
| &ctx->nextData); |
| |
| } else { |
| |
| rval = Tss2_MU_TPM2B_NONCE_Marshal(policyRef, ctx->cmdBuffer, |
| ctx->maxCmdSize, |
| &ctx->nextData); |
| } |
| |
| if (rval) |
| return rval; |
| |
| rval = Tss2_MU_UINT32_Marshal(expiration, ctx->cmdBuffer, |
| ctx->maxCmdSize, |
| &ctx->nextData); |
| if (rval) |
| return rval; |
| |
| rval = Tss2_MU_TPMT_SIGNATURE_Marshal(auth, ctx->cmdBuffer, |
| ctx->maxCmdSize, |
| &ctx->nextData); |
| if (rval) |
| return rval; |
| |
| ctx->decryptAllowed = 1; |
| ctx->encryptAllowed = 1; |
| ctx->authAllowed = 1; |
| |
| return CommonPrepareEpilogue(ctx); |
| } |
| |
| TSS2_RC Tss2_Sys_PolicySigned_Complete( |
| TSS2_SYS_CONTEXT *sysContext, |
| TPM2B_TIMEOUT *timeout, |
| TPMT_TK_AUTH *policyTicket) |
| { |
| _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext); |
| TSS2_RC rval; |
| |
| if (!ctx) |
| return TSS2_SYS_RC_BAD_REFERENCE; |
| |
| rval = CommonComplete(ctx); |
| if (rval) |
| return rval; |
| |
| rval = Tss2_MU_TPM2B_TIMEOUT_Unmarshal(ctx->cmdBuffer, |
| ctx->maxCmdSize, |
| &ctx->nextData, timeout); |
| if (rval) |
| return rval; |
| |
| return Tss2_MU_TPMT_TK_AUTH_Unmarshal(ctx->cmdBuffer, |
| ctx->maxCmdSize, |
| &ctx->nextData, policyTicket); |
| } |
| |
| TSS2_RC Tss2_Sys_PolicySigned( |
| TSS2_SYS_CONTEXT *sysContext, |
| TPMI_DH_OBJECT authObject, |
| TPMI_SH_POLICY policySession, |
| TSS2L_SYS_AUTH_COMMAND const *cmdAuthsArray, |
| const TPM2B_NONCE *nonceTPM, |
| const TPM2B_DIGEST *cpHashA, |
| const TPM2B_NONCE *policyRef, |
| INT32 expiration, |
| const TPMT_SIGNATURE *auth, |
| TPM2B_TIMEOUT *timeout, |
| TPMT_TK_AUTH *policyTicket, |
| TSS2L_SYS_AUTH_RESPONSE *rspAuthsArray) |
| { |
| _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext); |
| TSS2_RC rval; |
| |
| if (!auth) |
| return TSS2_SYS_RC_BAD_REFERENCE; |
| |
| rval = Tss2_Sys_PolicySigned_Prepare(sysContext, authObject, policySession, nonceTPM, cpHashA, policyRef, expiration, auth); |
| if (rval) |
| return rval; |
| |
| rval = CommonOneCall(ctx, cmdAuthsArray, rspAuthsArray); |
| if (rval) |
| return rval; |
| |
| return Tss2_Sys_PolicySigned_Complete(sysContext, timeout, policyTicket); |
| } |