TianoCore EDK2 master
#include <IndustryStandard/UefiTcgPlatform.h>
#include <Library/Tpm2CommandLib.h>
#include <Library/Tpm2DeviceLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
Data Structures
struct TPM2_POLICY_SECRET_COMMAND
struct TPM2_POLICY_SECRET_RESPONSE
struct TPM2_POLICY_OR_COMMAND
struct TPM2_POLICY_OR_RESPONSE
struct TPM2_POLICY_COMMAND_CODE_COMMAND
struct TPM2_POLICY_COMMAND_CODE_RESPONSE
struct TPM2_POLICY_GET_DIGEST_COMMAND
struct TPM2_POLICY_GET_DIGEST_RESPONSE
Functions
EFI_STATUS EFIAPI Tpm2PolicySecret (IN TPMI_DH_ENTITY AuthHandle, IN TPMI_SH_POLICY PolicySession, IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL, IN TPM2B_NONCE *NonceTPM, IN TPM2B_DIGEST *CpHashA, IN TPM2B_NONCE *PolicyRef, IN INT32 Expiration, OUT TPM2B_TIMEOUT *Timeout, OUT TPMT_TK_AUTH *PolicyTicket)
EFI_STATUS EFIAPI Tpm2PolicyOR (IN TPMI_SH_POLICY PolicySession, IN TPML_DIGEST *HashList)
EFI_STATUS EFIAPI Tpm2PolicyCommandCode (IN TPMI_SH_POLICY PolicySession, IN TPM_CC Code)
EFI_STATUS EFIAPI Tpm2PolicyGetDigest (IN TPMI_SH_POLICY PolicySession, OUT TPM2B_DIGEST *PolicyHash)
Implement TPM2 EnhancedAuthorization related command.
Copyright (c) 2014 - 2018, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent
Definition in file Tpm2EnhancedAuthorization.c.
EFI_STATUS EFIAPI Tpm2PolicyCommandCode (IN TPMI_SH_POLICY PolicySession, IN TPM_CC Code)
This command indicates that the authorization will be limited to a specific command code.
[in] | PolicySession | Handle for the policy session being extended. |
[in] | Code | The allowed commandCode. |
EFI_SUCCESS | Operation completed successfully. |
EFI_DEVICE_ERROR | The command was unsuccessful. |
Definition at line 290 of file Tpm2EnhancedAuthorization.c.
EFI_STATUS EFIAPI Tpm2PolicyGetDigest (IN TPMI_SH_POLICY PolicySession, OUT TPM2B_DIGEST *PolicyHash)
This command returns the current policyDigest of the session. This command allows the TPM to be used to perform the actions required to precompute the authPolicy for an object.
[in] | PolicySession | Handle for the policy session. |
[out] | PolicyHash | The current value of the policyHash of policySession. |
EFI_SUCCESS | Operation completed successfully. |
EFI_DEVICE_ERROR | The command was unsuccessful. |
Definition at line 347 of file Tpm2EnhancedAuthorization.c.
EFI_STATUS EFIAPI Tpm2PolicyOR (IN TPMI_SH_POLICY PolicySession, IN TPML_DIGEST *HashList)
This command allows options in authorizations without requiring that the TPM evaluate all of the options. If a policy may be satisfied by different sets of conditions, the TPM need only evaluate one set that satisfies the policy. This command will indicate that one of the required sets of conditions has been satisfied.
[in] | PolicySession | Handle for the policy session being extended. |
[in] | HashList | The list of hashes to check for a match. |
EFI_SUCCESS | Operation completed successfully. |
EFI_DEVICE_ERROR | The command was unsuccessful. |
Definition at line 224 of file Tpm2EnhancedAuthorization.c.
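An added example, not part of the EDK2 source: a Python model of how policyDigest evolves under TPM2_PolicyCommandCode and TPM2_PolicyOR in a SHA-256 policy session, which is the value Tpm2PolicyGetDigest would be expected to return after the corresponding calls. The extend formulas and command-code constants follow the TPM 2.0 Library specification; the two allowed commands (NV_Write, Unseal) and all function names are illustrative assumptions.

```python
import hashlib
import struct

# Command codes from the TPM 2.0 Library specification (Part 2, TPM_CC).
TPM_CC_POLICY_COMMAND_CODE = 0x0000016C
TPM_CC_POLICY_OR = 0x00000171
TPM_CC_NV_WRITE = 0x00000137  # sample allowed command for branch A (assumption)
TPM_CC_UNSEAL = 0x0000015E    # sample allowed command for branch B (assumption)

DIGEST_SIZE = hashlib.sha256().digest_size
ZERO_DIGEST = bytes(DIGEST_SIZE)  # policyDigest of a freshly started session


def policy_command_code(policy_digest: bytes, code: int) -> bytes:
    """policyDigest' = H(policyDigest || TPM_CC_PolicyCommandCode || code)."""
    return hashlib.sha256(
        policy_digest + struct.pack(">II", TPM_CC_POLICY_COMMAND_CODE, code)
    ).digest()


def policy_or(policy_digest: bytes, hash_list: list[bytes]) -> bytes:
    """policyDigest' = H(0...0 || TPM_CC_PolicyOR || digest1 || ... || digestN).

    The TPM accepts the command only if the session's current policyDigest
    is one of the listed digests; the list holds between 2 and 8 entries.
    """
    if not 2 <= len(hash_list) <= 8:
        raise ValueError("PolicyOR needs between 2 and 8 digests")
    if policy_digest not in hash_list:
        raise ValueError("current policyDigest is not in the hash list")
    return hashlib.sha256(
        ZERO_DIGEST + struct.pack(">I", TPM_CC_POLICY_OR) + b"".join(hash_list)
    ).digest()


def auth_policy_for_either_command() -> bytes:
    """authPolicy for an object usable with NV_Write OR Unseal (sample codes)."""
    branch_a = policy_command_code(ZERO_DIGEST, TPM_CC_NV_WRITE)
    branch_b = policy_command_code(ZERO_DIGEST, TPM_CC_UNSEAL)
    # Either branch yields the same final digest, because PolicyOR resets
    # policyDigest to zero before hashing in the whole list.
    return policy_or(branch_a, [branch_a, branch_b])


if __name__ == "__main__":
    print(auth_policy_for_either_command().hex())
```

Comparing this precomputed value with the digest read back from a trial session is a quick check that HashList was marshalled in the intended order, since reordering the list changes the result.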
EFI_STATUS EFIAPI Tpm2PolicySecret (IN TPMI_DH_ENTITY AuthHandle, IN TPMI_SH_POLICY PolicySession, IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL, IN TPM2B_NONCE *NonceTPM, IN TPM2B_DIGEST *CpHashA, IN TPM2B_NONCE *PolicyRef, IN INT32 Expiration, OUT TPM2B_TIMEOUT *Timeout, OUT TPMT_TK_AUTH *PolicyTicket)
This command includes a secret-based authorization to a policy. The caller proves knowledge of the secret value through an authorization session that uses the authValue associated with authHandle.
[in] | AuthHandle | Handle for an entity providing the authorization. |
[in] | PolicySession | Handle for the policy session being extended. |
[in] | AuthSession | Auth Session context. |
[in] | NonceTPM | The policy nonce for the session. |
[in] | CpHashA | Digest of the command parameters to which this authorization is limited. |
[in] | PolicyRef | A reference to a policy relating to the authorization. |
[in] | Expiration | Time when authorization will expire, measured in seconds from the time that nonceTPM was generated. |
[out] | Timeout | Time value used to indicate to the TPM when the ticket expires. |
[out] | PolicyTicket | A ticket that includes a value indicating when the authorization expires. |
EFI_SUCCESS | Operation completed successfully. |
EFI_DEVICE_ERROR | The command was unsuccessful. |
Definition at line 90 of file Tpm2EnhancedAuthorization.c.