1// This file was extracted from the TCG Published 2// Trusted Platform Module Library 3// Part 3: Commands 4// Family "2.0" 5// Level 00 Revision 01.16 6// October 30, 2014 7 8#include "InternalRoutines.h" 9#include "PolicyPCR_fp.h" 10// 11// 12// Error Returns Meaning 13// 14// TPM_RC_VALUE if provided, pcrDigest does not match the current PCR settings 15// TPM_RC_PCR_CHANGED a previous TPM2_PolicyPCR() set pcrCounter and it has changed 16// 17TPM_RC 18TPM2_PolicyPCR( 19 PolicyPCR_In *in // IN: input parameter list 20 ) 21{ 22 SESSION *session; 23 TPM2B_DIGEST pcrDigest; 24 BYTE pcrs[sizeof(TPML_PCR_SELECTION)]; 25 UINT32 pcrSize; 26 BYTE *buffer; 27 INT32 bufferSize; 28 TPM_CC commandCode = TPM_CC_PolicyPCR; 29 HASH_STATE hashState; 30 31// Input Validation 32 33 // Get pointer to the session structure 34 session = SessionGet(in->policySession); 35 36 // Do validation for non trial session 37 if(session->attributes.isTrialPolicy == CLEAR) 38 { 39 // Make sure that this is not going to invalidate a previous PCR check 40 if(session->pcrCounter != 0 && session->pcrCounter != gr.pcrCounter) 41 return TPM_RC_PCR_CHANGED; 42 43 // Compute current PCR digest 44 PCRComputeCurrentDigest(session->authHashAlg, &in->pcrs, &pcrDigest); 45 46 // If the caller specified the PCR digest and it does not 47 // match the current PCR settings, return an error.. 48 if(in->pcrDigest.t.size != 0) 49 { 50 if(!Memory2BEqual(&in->pcrDigest.b, &pcrDigest.b)) 51 return TPM_RC_VALUE + RC_PolicyPCR_pcrDigest; 52 } 53 } 54 else 55 { 56 // For trial session, just use the input PCR digest 57 pcrDigest = in->pcrDigest; 58 } 59// Internal Data Update 60 61 // Update policy hash 62 // policyDigestnew = hash( policyDigestold || TPM_CC_PolicyPCR 63 // || pcrs || pcrDigest) 64 // Start hash 65 CryptStartHash(session->authHashAlg, &hashState); 66 67 // add old digest 68 CryptUpdateDigest2B(&hashState, &session->u2.policyDigest.b); 69 70 // add commandCode 71 CryptUpdateDigestInt(&hashState, sizeof(TPM_CC), &commandCode); 72 73 // add PCRS 74 buffer = pcrs; 75 bufferSize = sizeof(TPML_PCR_SELECTION); 76 pcrSize = TPML_PCR_SELECTION_Marshal(&in->pcrs, &buffer, &bufferSize); 77 CryptUpdateDigest(&hashState, pcrSize, pcrs); 78 79 // add PCR digest 80 CryptUpdateDigest2B(&hashState, &pcrDigest.b); 81 82 // complete the hash and get the results 83 CryptCompleteHash2B(&hashState, &session->u2.policyDigest.b); 84 85 // update pcrCounter in session context for non trial session 86 if(session->attributes.isTrialPolicy == CLEAR) 87 { 88 session->pcrCounter = gr.pcrCounter; 89 } 90 91 return TPM_RC_SUCCESS; 92} 93