Blame - PolicyPCR.c - platform/external/tpm2

blob: a9400fca6ac4eb2b4c3e8bf6bf859dd3df249a49 [file] [log] [blame]

Vadim Bendebury	5679752	2015-05-20 10:32:25 -0700	[diff] [blame]	1	// This file was extracted from the TCG Published
				2	// Trusted Platform Module Library
				3	// Part 3: Commands
				4	// Family "2.0"
				5	// Level 00 Revision 01.16
				6	// October 30, 2014
				7
				8	#include "InternalRoutines.h"
				9	#include "PolicyPCR_fp.h"
				10	//
				11	//
				12	// Error Returns Meaning
				13	//
				14	// TPM_RC_VALUE if provided, pcrDigest does not match the current PCR settings
				15	// TPM_RC_PCR_CHANGED a previous TPM2_PolicyPCR() set pcrCounter and it has changed
				16	//
				17	TPM_RC
				18	TPM2_PolicyPCR(
				19	PolicyPCR_In *in // IN: input parameter list
				20	)
				21	{
				22	SESSION *session;
				23	TPM2B_DIGEST pcrDigest;
				24	BYTE pcrs[sizeof(TPML_PCR_SELECTION)];
				25	UINT32 pcrSize;
				26	BYTE *buffer;
				27	TPM_CC commandCode = TPM_CC_PolicyPCR;
				28	HASH_STATE hashState;
				29
				30	// Input Validation
				31
				32	// Get pointer to the session structure
				33	session = SessionGet(in->policySession);
				34
				35	// Do validation for non trial session
				36	if(session->attributes.isTrialPolicy == CLEAR)
				37	{
				38	// Make sure that this is not going to invalidate a previous PCR check
				39	if(session->pcrCounter != 0 && session->pcrCounter != gr.pcrCounter)
				40	return TPM_RC_PCR_CHANGED;
				41
				42	// Compute current PCR digest
				43	PCRComputeCurrentDigest(session->authHashAlg, &in->pcrs, &pcrDigest);
				44
				45	// If the caller specified the PCR digest and it does not
				46	// match the current PCR settings, return an error..
				47	if(in->pcrDigest.t.size != 0)
				48	{
				49	if(!Memory2BEqual(&in->pcrDigest.b, &pcrDigest.b))
				50	return TPM_RC_VALUE + RC_PolicyPCR_pcrDigest;
				51	}
				52	}
				53	else
				54	{
				55	// For trial session, just use the input PCR digest
				56	pcrDigest = in->pcrDigest;
				57	}
				58	// Internal Data Update
				59
				60	// Update policy hash
				61	// policyDigestnew = hash( policyDigestold \|\| TPM_CC_PolicyPCR
				62	// \|\| pcrs \|\| pcrDigest)
				63	// Start hash
				64	CryptStartHash(session->authHashAlg, &hashState);
				65
				66	// add old digest
				67	CryptUpdateDigest2B(&hashState, &session->u2.policyDigest.b);
				68
				69	// add commandCode
				70	CryptUpdateDigestInt(&hashState, sizeof(TPM_CC), &commandCode);
				71
				72	// add PCRS
				73	buffer = pcrs;
				74	pcrSize = TPML_PCR_SELECTION_Marshal(&in->pcrs, &buffer, NULL);
				75	CryptUpdateDigest(&hashState, pcrSize, pcrs);
				76
				77	// add PCR digest
				78	CryptUpdateDigest2B(&hashState, &pcrDigest.b);
				79
				80	// complete the hash and get the results
				81	CryptCompleteHash2B(&hashState, &session->u2.policyDigest.b);
				82
				83	// update pcrCounter in session context for non trial session
				84	if(session->attributes.isTrialPolicy == CLEAR)
				85	{
				86	session->pcrCounter = gr.pcrCounter;
				87	}
				88
				89	return TPM_RC_SUCCESS;
				90	}