SetPrimaryPolicy.c - platform/external/tpm2 - Gitiles

 // This file was extracted from the TCG Published
 // Trusted Platform Module Library
 // Part 3: Commands
 // Family "2.0"
 // Level 00 Revision 01.16
 // October 30, 2014

 #include "InternalRoutines.h"
 #include "SetPrimaryPolicy_fp.h"
 //
 //
 //     Error Returns               Meaning
 //
 //     TPM_RC_SIZE                 size of input authPolicy is not consistent with input hash algorithm
 //
 TPM_RC
 TPM2_SetPrimaryPolicy(
    SetPrimaryPolicy_In    *in                 // IN: input parameter list
    )
 {
    TPM_RC                  result;

 // Input Validation

    // Check the authPolicy consistent with hash algorithm. If the policy size is
    // zero, then the algorithm is required to be TPM_ALG_NULL
    if(in->authPolicy.t.size != CryptGetHashDigestSize(in->hashAlg))
        return TPM_RC_SIZE + RC_SetPrimaryPolicy_authPolicy;

    // The command need NV update for OWNER and ENDORSEMENT hierarchy, and
    // might need orderlyState update for PLATFROM hierarchy.
    // Check if NV is available. A TPM_RC_NV_UNAVAILABLE or TPM_RC_NV_RATE
    // error may be returned at this point
    result = NvIsAvailable();
    if(result != TPM_RC_SUCCESS)
        return result;

 // Internal Data Update

    // Set hierarchy policy
    switch(in->authHandle)
    {
        case TPM_RH_OWNER:
            gp.ownerAlg = in->hashAlg;
            gp.ownerPolicy = in->authPolicy;
            NvWriteReserved(NV_OWNER_ALG, &gp.ownerAlg);
            NvWriteReserved(NV_OWNER_POLICY, &gp.ownerPolicy);
            break;
        case TPM_RH_ENDORSEMENT:
            gp.endorsementAlg = in->hashAlg;
            gp.endorsementPolicy = in->authPolicy;
            NvWriteReserved(NV_ENDORSEMENT_ALG, &gp.endorsementAlg);
            NvWriteReserved(NV_ENDORSEMENT_POLICY, &gp.endorsementPolicy);
            break;
        case TPM_RH_PLATFORM:
            gc.platformAlg = in->hashAlg;
            gc.platformPolicy = in->authPolicy;
            // need to update orderly state
            g_clearOrderly = TRUE;
            break;
        case TPM_RH_LOCKOUT:
            gp.lockoutAlg = in->hashAlg;
            gp.lockoutPolicy = in->authPolicy;
            NvWriteReserved(NV_LOCKOUT_ALG, &gp.lockoutAlg);
            NvWriteReserved(NV_LOCKOUT_POLICY, &gp.lockoutPolicy);
            break;

        default:
             pAssert(FALSE);
             break;
    }

    return TPM_RC_SUCCESS;
 }
	// This file was extracted from the TCG Published
	// Trusted Platform Module Library
	// Part 3: Commands
	// Family "2.0"
	// Level 00 Revision 01.16
	// October 30, 2014

	#include "InternalRoutines.h"
	#include "SetPrimaryPolicy_fp.h"
	//
	//
	// Error Returns Meaning
	//
	// TPM_RC_SIZE size of input authPolicy is not consistent with input hash algorithm
	//
	TPM_RC
	TPM2_SetPrimaryPolicy(
	SetPrimaryPolicy_In *in // IN: input parameter list
	)
	{
	TPM_RC result;

	// Input Validation

	// Check the authPolicy consistent with hash algorithm. If the policy size is
	// zero, then the algorithm is required to be TPM_ALG_NULL
	if(in->authPolicy.t.size != CryptGetHashDigestSize(in->hashAlg))
	return TPM_RC_SIZE + RC_SetPrimaryPolicy_authPolicy;

	// The command need NV update for OWNER and ENDORSEMENT hierarchy, and
	// might need orderlyState update for PLATFROM hierarchy.
	// Check if NV is available. A TPM_RC_NV_UNAVAILABLE or TPM_RC_NV_RATE
	// error may be returned at this point
	result = NvIsAvailable();
	if(result != TPM_RC_SUCCESS)
	return result;

	// Internal Data Update

	// Set hierarchy policy
	switch(in->authHandle)
	{
	case TPM_RH_OWNER:
	gp.ownerAlg = in->hashAlg;
	gp.ownerPolicy = in->authPolicy;
	NvWriteReserved(NV_OWNER_ALG, &gp.ownerAlg);
	NvWriteReserved(NV_OWNER_POLICY, &gp.ownerPolicy);
	break;
	case TPM_RH_ENDORSEMENT:
	gp.endorsementAlg = in->hashAlg;
	gp.endorsementPolicy = in->authPolicy;
	NvWriteReserved(NV_ENDORSEMENT_ALG, &gp.endorsementAlg);
	NvWriteReserved(NV_ENDORSEMENT_POLICY, &gp.endorsementPolicy);
	break;
	case TPM_RH_PLATFORM:
	gc.platformAlg = in->hashAlg;
	gc.platformPolicy = in->authPolicy;
	// need to update orderly state
	g_clearOrderly = TRUE;
	break;
	case TPM_RH_LOCKOUT:
	gp.lockoutAlg = in->hashAlg;
	gp.lockoutPolicy = in->authPolicy;
	NvWriteReserved(NV_LOCKOUT_ALG, &gp.lockoutAlg);
	NvWriteReserved(NV_LOCKOUT_POLICY, &gp.lockoutPolicy);
	break;

	default:
	pAssert(FALSE);
	break;
	}

	return TPM_RC_SUCCESS;
	}