| /* SPDX-License-Identifier: BSD-2-Clause */ |
| /******************************************************************************* |
| * Copyright 2018-2019, Fraunhofer SIT sponsored by Infineon Technologies AG |
| * All rights reserved. |
| *******************************************************************************/ |
| #ifndef FAPI_POLICY_CALLBACKS_H |
| #define FAPI_POLICY_CALLBACKS_H |
| |
| |
| /** |
| * The states for policy execution callbacks. |
| * |
| * Stored in the cb_state field of IFAPI_POLICY_EXEC_CB_CTX. POL_CB_EXECUTE_INIT |
| * is pinned to 0 and the remaining values follow sequentially, so a |
| * zero-initialised context starts in POL_CB_EXECUTE_INIT. What each state does |
| * is decided by the callback implementations, which are not in this header. |
| * The tag is spelled "EXCECUTE"; users must spell it the same way. |
| */ |
| enum IFAPI_STATE_POL_CB_EXCECUTE { |
| POL_CB_EXECUTE_INIT = 0, |
| POL_CB_LOAD_KEY, |
| POL_CB_SEARCH_POLICY, |
| POL_CB_EXECUTE_SUB_POLICY, |
| POL_CB_NV_READ, |
| POL_CB_READ_NV_POLICY, |
| POL_CB_READ_OBJECT, |
| POL_CB_AUTHORIZE_OBJECT |
| }; |
| |
| /** |
| * The context of the policy execution. |
| * |
| * Holds the callback state (cb_state), two IFAPI_OBJECT values embedded by |
| * value, several ESYS_TR handles and a number of raw pointers. |
| * NOTE(review): this header does not say who allocates or frees object_path, |
| * key_object_ptr, auth_object_ptr or policy, nor when the ESYS_TR handles are |
| * released; confirm the cleanup path in the implementation before copying or |
| * reusing a context. The types used here (IFAPI_OBJECT, ESYS_TR, IFAPI_NV_Cmds, |
| * TPM2B_DIGEST, TPMS_POLICY) are not declared or included by this header, so |
| * the including file must provide them first. |
| */ |
| typedef struct { |
| enum IFAPI_STATE_POL_CB_EXCECUTE cb_state; |
| /**< The execution state of the current policy callback */ |
| char*object_path; /**< The pathname determined by object search */ |
| IFAPI_OBJECT object; /**< Object to be authorized */ |
| ESYS_TR key_handle; /**< Handle of a used key */ |
| ESYS_TR nv_index; /**< Index of nv object storing a policy */ |
| ESYS_TR auth_index; /**< Index of authorization object */ |
| IFAPI_OBJECT auth_object; /**< FAPI auth object needed for authorization */ |
| IFAPI_OBJECT *key_object_ptr; /**< Pointer to a key object; ownership not visible here - TODO confirm */ |
| IFAPI_OBJECT *auth_object_ptr; /**< Pointer to an auth object; presumably related to auth_object - TODO confirm */ |
| IFAPI_NV_Cmds nv_cmd_state; /**< State of fapi nv commands (nv_cmd_state_sav is its backup) */ |
| IFAPI_NV_Cmds nv_cmd_state_sav; /**< backup for state of fapi nv commands */ |
| TPM2B_DIGEST policy_digest; /**< A policy digest; which step fills it is not visible here - TODO confirm */ |
| ESYS_TR session; /**< ESYS handle; presumably the session the policy runs in - TODO confirm */ |
| TPMS_POLICY *policy; /**< Pointer to a policy; presumably the one being executed, lifetime not visible here */ |
| } IFAPI_POLICY_EXEC_CB_CTX; |
| |
| /** |
| * Declaration of the callback that obtains public key data for a path |
| * (purpose inferred from the name and parameter types; the implementation is |
| * not part of this header). |
| * |
| * @param path Read-only string (const-qualified); presumably the path of the key. |
| * @param public Non-const TPMT_PUBLIC pointer; presumably filled in on success. |
| * @param context Untyped pointer; the concrete type expected is not visible |
| * here, and the compiler cannot check it - confirm against the implementation. |
| * @return A TSS2_RC response code. |
| */ |
| TSS2_RC |
| ifapi_get_key_public( |
| const char *path, |
| TPMT_PUBLIC *public, |
| void *context); |
| |
| /** |
| * Declaration of the callback that obtains the name of an object for a path |
| * (purpose inferred from the name and parameter types). |
| * |
| * @param path Read-only string (const-qualified); presumably the object path. |
| * @param name Non-const TPM2B_NAME pointer; presumably filled in on success. |
| * @param context Untyped pointer; the concrete type expected is not visible |
| * here - confirm against the implementation. |
| * @return A TSS2_RC response code. |
| */ |
| TSS2_RC |
| ifapi_get_object_name( |
| const char *path, |
| TPM2B_NAME *name, |
| void *context); |
| |
| /** |
| * Declaration of the callback that obtains the public data of an NV object |
| * for a path (purpose inferred from the name and parameter types). |
| * |
| * @param path Read-only string (const-qualified); presumably the NV object path. |
| * @param nv_public Non-const TPM2B_NV_PUBLIC pointer; presumably filled in on |
| * success. |
| * @param context Untyped pointer; the concrete type expected is not visible |
| * here - confirm against the implementation. |
| * @return A TSS2_RC response code. |
| */ |
| TSS2_RC |
| ifapi_get_nv_public( |
| const char *path, |
| TPM2B_NV_PUBLIC *nv_public, |
| void *context); |
| |
| /** |
| * Declaration of the callback that reads PCR values (purpose inferred from |
| * the name and parameter types). |
| * |
| * @param pcr_select Non-const TPMS_PCR_SELECT pointer; presumably one way to |
| * state which PCRs are wanted - TODO confirm how it relates to pcr_selection. |
| * @param pcr_selection Non-const TPML_PCR_SELECTION pointer; presumably the |
| * selection list form of the same request. |
| * @param pcr_values Pointer to a TPML_PCRVALUES pointer; the double |
| * indirection suggests the callee stores a result pointer here. |
| * NOTE(review): whether the result is allocated and who frees it is not |
| * stated in this header. |
| * @param ctx Untyped pointer; the concrete type expected is not visible |
| * here - confirm against the implementation. |
| * @return A TSS2_RC response code. |
| */ |
| TSS2_RC |
| ifapi_read_pcr( |
| TPMS_PCR_SELECT *pcr_select, |
| TPML_PCR_SELECTION *pcr_selection, |
| TPML_PCRVALUES **pcr_values, |
| void *ctx); |
| |
| /** |
| * Declaration of the authorization callback used during policy evaluation |
| * (purpose inferred from the name; the implementation is not in this header). |
| * |
| * @param name Non-const TPM2B_NAME pointer; presumably identifies the object |
| * to be authorized. |
| * @param object_handle ESYS_TR pointer; presumably receives the object's handle. |
| * @param auth_handle ESYS_TR pointer; presumably receives the handle used for |
| * authorization. |
| * @param authSession ESYS_TR pointer; presumably receives the session used for |
| * authorization. |
| * @param userdata Untyped pointer; the concrete type expected is not visible |
| * here - confirm against the implementation. |
| * @return A TSS2_RC response code. |
| * |
| * NOTE(review): the header does not say which handles stay valid after the |
| * call or who releases them; confirm before relying on them. |
| */ |
| TSS2_RC |
| ifapi_policyeval_cbauth( |
| TPM2B_NAME *name, |
| ESYS_TR *object_handle, |
| ESYS_TR *auth_handle, |
| ESYS_TR *authSession, |
| void *userdata); |
| |
| /** |
| * Declaration of the callback that selects one branch out of a list of policy |
| * branches (purpose inferred from the name and parameter types). |
| * |
| * @param branches Non-const TPML_POLICYBRANCHES pointer; presumably the |
| * candidate branches. |
| * @param branch_idx size_t pointer; presumably receives the chosen index. |
| * NOTE(review): this header does not state that the index is checked against |
| * the number of branches - confirm that the consumer of *branch_idx rejects an |
| * out-of-range value before indexing. |
| * @param userdata Untyped pointer; the concrete type expected is not visible |
| * here - confirm against the implementation. |
| * @return A TSS2_RC response code. |
| */ |
| TSS2_RC |
| ifapi_branch_selection( |
| TPML_POLICYBRANCHES *branches, |
| size_t *branch_idx, |
| void *userdata); |
| |
| /** |
| * Declaration of the callback that produces a signature over a buffer |
| * (purpose inferred from the name and parameter types). |
| * |
| * @param key_pem Non-const char pointer; presumably a PEM-encoded key. Whether |
| * this is public or private key material is not visible here - TODO confirm. |
| * @param public_key_hint Non-const char pointer; presumably a hint naming the |
| * key to use. |
| * @param key_pem_hash_alg Hash algorithm identifier of type TPMI_ALG_HASH. |
| * @param buffer Pointer to the bytes involved in signing. |
| * @param buffer_size Size paired with buffer; presumably its length in bytes. |
| * The callee has no other way to learn the length, so it must match the real |
| * allocation. |
| * @param signature Pointer to a uint8_t pointer; the double indirection |
| * suggests the callee stores a result buffer here. |
| * @param signature_size size_t pointer; presumably receives the length of |
| * *signature. |
| * @param userdata Untyped pointer; the concrete type expected is not visible |
| * here - confirm against the implementation. |
| * @return A TSS2_RC response code. |
| * |
| * NOTE(review): this header does not state who frees *signature, or what |
| * *signature and *signature_size hold when an error is returned. |
| */ |
| TSS2_RC |
| ifapi_sign_buffer( |
| char *key_pem, |
| char *public_key_hint, |
| TPMI_ALG_HASH key_pem_hash_alg, |
| uint8_t *buffer, |
| size_t buffer_size, |
| uint8_t **signature, |
| size_t *signature_size, |
| void *userdata); |
| |
| /** |
| * Declaration of the callback that executes an authorized policy (purpose |
| * inferred from the name; the implementation is not in this header). |
| * |
| * @param key_public Non-const TPMT_PUBLIC pointer; presumably the public key |
| * tied to the authorization. |
| * @param hash_alg Hash algorithm identifier of type TPMI_ALG_HASH. |
| * @param digest Non-const TPM2B_DIGEST pointer; direction (input or output) is |
| * not visible here - TODO confirm. |
| * @param signature Non-const TPMT_SIGNATURE pointer; direction is not visible |
| * here - TODO confirm. |
| * @param userdata Untyped pointer; the concrete type expected is not visible |
| * here - confirm against the implementation. |
| * @return A TSS2_RC response code. |
| * |
| * NOTE(review): whether and where the signature is verified against the key |
| * and digest cannot be told from this declaration; check the implementation. |
| */ |
| TSS2_RC |
| ifapi_exec_auth_policy( |
| TPMT_PUBLIC *key_public, |
| TPMI_ALG_HASH hash_alg, |
| TPM2B_DIGEST *digest, |
| TPMT_SIGNATURE *signature, |
| void *userdata); |
| |
| /** |
| * Declaration of the callback that executes a policy associated with an NV |
| * object (purpose inferred from the name and parameter types). |
| * |
| * @param nv_public Non-const TPM2B_NV_PUBLIC pointer; presumably describes the |
| * NV object involved. |
| * @param hash_alg Hash algorithm identifier of type TPMI_ALG_HASH. |
| * @param userdata Untyped pointer; the concrete type expected is not visible |
| * here - confirm against the implementation. |
| * @return A TSS2_RC response code. |
| */ |
| TSS2_RC |
| ifapi_exec_auth_nv_policy( |
| TPM2B_NV_PUBLIC *nv_public, |
| TPMI_ALG_HASH hash_alg, |
| void *userdata); |
| |
| /** |
| * Declaration of the callback that obtains a name used in connection with |
| * duplication (purpose inferred from the identifier only - TODO confirm). |
| * |
| * @param name Non-const TPM2B_NAME pointer; presumably filled in on success. |
| * @param userdata Untyped pointer; the concrete type expected is not visible |
| * here - confirm against the implementation. |
| * @return A TSS2_RC response code. |
| */ |
| TSS2_RC |
| ifapi_get_duplicate_name( |
| TPM2B_NAME *name, |
| void *userdata); |
| |
| /** |
| * Declaration of the callback that handles a policy action string (purpose |
| * inferred from the name and parameter types). |
| * |
| * @param action Read-only string (const-qualified). NOTE(review): presumably |
| * taken from a policy; if policies can come from outside the trust boundary, |
| * the handler should treat this string as untrusted input - confirm where it |
| * originates and how it is used. |
| * @param userdata Untyped pointer; the concrete type expected is not visible |
| * here - confirm against the implementation. |
| * @return A TSS2_RC response code. |
| */ |
| TSS2_RC |
| ifapi_policy_action( |
| const char *action, |
| void *userdata); |
| |
| #endif /* FAPI_POLICY_CALLBACKS_H */ |