1 // This file was extracted from the TCG Published
2 // Trusted Platform Module Library
3 // Part 3: Commands
4 // Family "2.0"
5 // Level 00 Revision 01.16
6 // October 30, 2014
7 
8 #include "InternalRoutines.h"
9 #include "PolicyNvWritten_fp.h"
10 //
11 //     Make an NV Index policy dependent on the state of the TPMA_NV_WRITTEN attribute of the index.
12 //
13 //     Error Returns                   Meaning
14 //
15 //     TPM_RC_VALUE                    a conflicting request for the attribute has already been processed
16 //
17 TPM_RC
TPM2_PolicyNvWritten(PolicyNvWritten_In * in)18 TPM2_PolicyNvWritten(
19    PolicyNvWritten_In    *in                 // IN: input parameter list
20    )
21 {
22    SESSION      *session;
23    TPM_CC        commandCode = TPM_CC_PolicyNvWritten;
24    HASH_STATE    hashState;
25 
26 // Input Validation
27 
28    // Get pointer to the session structure
29    session = SessionGet(in->policySession);
30 
31    // If already set is this a duplicate (the same setting)? If it
32    // is a conflicting setting, it is an error
33    if(session->attributes.checkNvWritten == SET)
34    {
35        if((    (session->attributes.nvWrittenState == SET)
36            != (in->writtenSet == YES)))
37            return TPM_RC_VALUE + RC_PolicyNvWritten_writtenSet;
38    }
39 
40 // Internal Data Update
41 
42    // Set session attributes so that the NV Index needs to be checked
43    session->attributes.checkNvWritten = SET;
44    session->attributes.nvWrittenState = (in->writtenSet == YES);
45 
46    // Update policy hash
47    // policyDigestnew = hash(policyDigestold || TPM_CC_PolicyNvWritten
48    //                          || writtenSet)
49    // Start hash
50    CryptStartHash(session->authHashAlg, &hashState);
51 
52    // add old digest
53    CryptUpdateDigest2B(&hashState, &session->u2.policyDigest.b);
54 
55    // add commandCode
56    CryptUpdateDigestInt(&hashState, sizeof(TPM_CC), &commandCode);
57 
58    // add the byte of writtenState
59    CryptUpdateDigestInt(&hashState, sizeof(TPMI_YES_NO), &in->writtenSet);
60 
61    // complete the digest
62    CryptCompleteHash2B(&hashState, &session->u2.policyDigest.b);
63 
64    return TPM_RC_SUCCESS;
65 }
66