/* SPDX-License-Identifier: BSD-2-Clause */ /***********************************************************************; * Copyright (c) 2015 - 2017, Intel Corporation * All rights reserved. ***********************************************************************/ #ifdef HAVE_CONFIG_H #include #endif #include "tss2_tpm2_types.h" #include "tss2_mu.h" #include "sysapi_util.h" TSS2_RC Tss2_Sys_PolicySigned_Prepare( TSS2_SYS_CONTEXT *sysContext, TPMI_DH_OBJECT authObject, TPMI_SH_POLICY policySession, const TPM2B_NONCE *nonceTPM, const TPM2B_DIGEST *cpHashA, const TPM2B_NONCE *policyRef, INT32 expiration, const TPMT_SIGNATURE *auth) { _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext); TSS2_RC rval; if (!ctx || !auth) return TSS2_SYS_RC_BAD_REFERENCE; rval = CommonPreparePrologue(ctx, TPM2_CC_PolicySigned); if (rval) return rval; rval = Tss2_MU_UINT32_Marshal(authObject, ctx->cmdBuffer, ctx->maxCmdSize, &ctx->nextData); if (rval) return rval; rval = Tss2_MU_UINT32_Marshal(policySession, ctx->cmdBuffer, ctx->maxCmdSize, &ctx->nextData); if (rval) return rval; if (!nonceTPM) { ctx->decryptNull = 1; rval = Tss2_MU_UINT16_Marshal(0, ctx->cmdBuffer, ctx->maxCmdSize, &ctx->nextData); } else { rval = Tss2_MU_TPM2B_NONCE_Marshal(nonceTPM, ctx->cmdBuffer, ctx->maxCmdSize, &ctx->nextData); } if (rval) return rval; if (!cpHashA) { rval = Tss2_MU_UINT16_Marshal(0, ctx->cmdBuffer, ctx->maxCmdSize, &ctx->nextData); } else { rval = Tss2_MU_TPM2B_DIGEST_Marshal(cpHashA, ctx->cmdBuffer, ctx->maxCmdSize, &ctx->nextData); } if (rval) return rval; if (!policyRef) { rval = Tss2_MU_UINT16_Marshal(0, ctx->cmdBuffer, ctx->maxCmdSize, &ctx->nextData); } else { rval = Tss2_MU_TPM2B_NONCE_Marshal(policyRef, ctx->cmdBuffer, ctx->maxCmdSize, &ctx->nextData); } if (rval) return rval; rval = Tss2_MU_UINT32_Marshal(expiration, ctx->cmdBuffer, ctx->maxCmdSize, &ctx->nextData); if (rval) return rval; rval = Tss2_MU_TPMT_SIGNATURE_Marshal(auth, ctx->cmdBuffer, ctx->maxCmdSize, &ctx->nextData); if (rval) return rval; ctx->decryptAllowed = 1; ctx->encryptAllowed = 1; ctx->authAllowed = 1; return CommonPrepareEpilogue(ctx); } TSS2_RC Tss2_Sys_PolicySigned_Complete( TSS2_SYS_CONTEXT *sysContext, TPM2B_TIMEOUT *timeout, TPMT_TK_AUTH *policyTicket) { _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext); TSS2_RC rval; if (!ctx) return TSS2_SYS_RC_BAD_REFERENCE; rval = CommonComplete(ctx); if (rval) return rval; rval = Tss2_MU_TPM2B_TIMEOUT_Unmarshal(ctx->cmdBuffer, ctx->maxCmdSize, &ctx->nextData, timeout); if (rval) return rval; return Tss2_MU_TPMT_TK_AUTH_Unmarshal(ctx->cmdBuffer, ctx->maxCmdSize, &ctx->nextData, policyTicket); } TSS2_RC Tss2_Sys_PolicySigned( TSS2_SYS_CONTEXT *sysContext, TPMI_DH_OBJECT authObject, TPMI_SH_POLICY policySession, TSS2L_SYS_AUTH_COMMAND const *cmdAuthsArray, const TPM2B_NONCE *nonceTPM, const TPM2B_DIGEST *cpHashA, const TPM2B_NONCE *policyRef, INT32 expiration, const TPMT_SIGNATURE *auth, TPM2B_TIMEOUT *timeout, TPMT_TK_AUTH *policyTicket, TSS2L_SYS_AUTH_RESPONSE *rspAuthsArray) { _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext); TSS2_RC rval; if (!auth) return TSS2_SYS_RC_BAD_REFERENCE; rval = Tss2_Sys_PolicySigned_Prepare(sysContext, authObject, policySession, nonceTPM, cpHashA, policyRef, expiration, auth); if (rval) return rval; rval = CommonOneCall(ctx, cmdAuthsArray, rspAuthsArray); if (rval) return rval; return Tss2_Sys_PolicySigned_Complete(sysContext, timeout, policyTicket); }