// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "PolicyNvWritten_fp.h"
//
//     TPM2_PolicyNvWritten: make an NV Index policy dependent on the state of the
//     TPMA_NV_WRITTEN attribute of the index.
//
//     The request is recorded in the policy session attributes and folded into
//     the session's policy digest:
//         policyDigestnew = hash(policyDigestold || TPM_CC_PolicyNvWritten
//                                || writtenSet)
//
//     A request that contradicts one already recorded in the same session is
//     rejected before the session attributes or the digest are modified. A
//     repeated request with the same setting is accepted and extends the digest
//     again.
//
//     Error Returns                   Meaning
//
//     TPM_RC_VALUE                    a conflicting request for the attribute has already been processed
//
//     NOTE(review): the pointer returned by SessionGet() is dereferenced without
//     a check in this routine; presumably the policySession handle has been
//     validated before the command action is entered -- confirm against the
//     caller.
//
TPM_RC
TPM2_PolicyNvWritten(
    PolicyNvWritten_In    *in                 // IN: input parameter list
    )
{
    TPM_CC        policyCommand = TPM_CC_PolicyNvWritten;
    HASH_STATE    digestContext;
    // Session structure that belongs to the policy session handle
    SESSION      *policySession = SessionGet(in->policySession);
    // The caller's request reduced to 1 (written) or 0 (not written)
    int           requestedWritten = (in->writtenSet == YES);

// Input Validation

    // A session that already carries an NV-written requirement only accepts a
    // request with the same setting; the opposite setting is an error. The
    // check comes first so that a rejected request leaves the session as it was.
    if(   policySession->attributes.checkNvWritten == SET
       && (policySession->attributes.nvWrittenState == SET) != requestedWritten)
        return TPM_RC_VALUE + RC_PolicyNvWritten_writtenSet;

// Internal Data Update

    // Record in the session that the NV Index needs to be checked, and which
    // state is expected
    policySession->attributes.checkNvWritten = SET;
    policySession->attributes.nvWrittenState = requestedWritten;

    // Extend the policy digest, using the session's hash algorithm:
    // policyDigestnew = hash(policyDigestold || TPM_CC_PolicyNvWritten
    //                          || writtenSet)
    CryptStartHash(policySession->authHashAlg, &digestContext);

    // old digest
    CryptUpdateDigest2B(&digestContext, &policySession->u2.policyDigest.b);

    // command code
    CryptUpdateDigestInt(&digestContext, sizeof(TPM_CC), &policyCommand);

    // writtenSet exactly as received: the digest covers the input value itself,
    // while the session attribute above keeps only whether it equals YES.
    // NOTE(review): presumably unmarshaling limits TPMI_YES_NO to YES/NO, so the
    // two cannot disagree -- confirm.
    CryptUpdateDigestInt(&digestContext, sizeof(TPMI_YES_NO), &in->writtenSet);

    // The finished hash replaces the session's policy digest
    CryptCompleteHash2B(&digestContext, &policySession->u2.policyDigest.b);

    return TPM_RC_SUCCESS;
}