/src/tpm2/PolicyPCR.c

Source (jump to first uncovered line)
// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "PolicyPCR_fp.h"
//
//
//     Error Returns                     Meaning
//
//     TPM_RC_VALUE                      if provided, pcrDigest does not match the current PCR settings
//     TPM_RC_PCR_CHANGED                a previous TPM2_PolicyPCR() set pcrCounter and it has changed
//
TPM_RC
TPM2_PolicyPCR(
   PolicyPCR_In      *in                 // IN: input parameter list
   )
{
   SESSION           *session;
   TPM2B_DIGEST       pcrDigest;
   BYTE               pcrs[sizeof(TPML_PCR_SELECTION)];
   UINT32             pcrSize;
   BYTE              *buffer;
   INT32              bufferSize;
   TPM_CC             commandCode = TPM_CC_PolicyPCR;
   HASH_STATE         hashState;

// Input Validation

   // Get pointer to the session structure
   session = SessionGet(in->policySession);

   // Do validation for non trial session
   if(session->attributes.isTrialPolicy == CLEAR)
   {
       // Make sure that this is not going to invalidate a previous PCR check
       if(session->pcrCounter != 0 && session->pcrCounter != gr.pcrCounter)
           return TPM_RC_PCR_CHANGED;

       // Compute current PCR digest
       PCRComputeCurrentDigest(session->authHashAlg, &in->pcrs, &pcrDigest);

       // If the caller specified the PCR digest and it does not
       // match the current PCR settings, return an error..
       if(in->pcrDigest.t.size != 0)
       {
           if(!Memory2BEqual(&in->pcrDigest.b, &pcrDigest.b))
               return TPM_RC_VALUE + RC_PolicyPCR_pcrDigest;
       }
   }
   else
   {
       // For trial session, just use the input PCR digest
       pcrDigest = in->pcrDigest;
   }
// Internal Data Update

   // Update policy hash
   // policyDigestnew = hash(   policyDigestold || TPM_CC_PolicyPCR
   //                      || pcrs || pcrDigest)
   // Start hash
   CryptStartHash(session->authHashAlg, &hashState);

   // add old digest
   CryptUpdateDigest2B(&hashState, &session->u2.policyDigest.b);

  // add commandCode
  CryptUpdateDigestInt(&hashState, sizeof(TPM_CC), &commandCode);

  // add PCRS
  buffer = pcrs;
  bufferSize = sizeof(TPML_PCR_SELECTION);
  pcrSize = TPML_PCR_SELECTION_Marshal(&in->pcrs, &buffer, &bufferSize);
  CryptUpdateDigest(&hashState, pcrSize, pcrs);

  // add PCR digest
  CryptUpdateDigest2B(&hashState, &pcrDigest.b);

  // complete the hash and get the results
  CryptCompleteHash2B(&hashState, &session->u2.policyDigest.b);

  // update pcrCounter in session context for non trial session
  if(session->attributes.isTrialPolicy == CLEAR)
  {
      session->pcrCounter = gr.pcrCounter;
  }

   return TPM_RC_SUCCESS;
}

Line	Count	Source (jump to first uncovered line)
1		// This file was extracted from the TCG Published
2		// Trusted Platform Module Library
3		// Part 3: Commands
4		// Family "2.0"
5		// Level 00 Revision 01.16
6		// October 30, 2014
7
8		#include "InternalRoutines.h"
9		#include "PolicyPCR_fp.h"
10		//
11		//
12		// Error Returns Meaning
13		//
14		// TPM_RC_VALUE if provided, pcrDigest does not match the current PCR settings
15		// TPM_RC_PCR_CHANGED a previous TPM2_PolicyPCR() set pcrCounter and it has changed
16		//
17		TPM_RC
18		TPM2_PolicyPCR(
19		PolicyPCR_In *in // IN: input parameter list
20		)
21	0	{
22	0	SESSION *session;
23	0	TPM2B_DIGEST pcrDigest;
24	0	BYTE pcrs[sizeof(TPML_PCR_SELECTION)];
25	0	UINT32 pcrSize;
26	0	BYTE *buffer;
27	0	INT32 bufferSize;
28	0	TPM_CC commandCode = TPM_CC_PolicyPCR;
29	0	HASH_STATE hashState;
30
31		// Input Validation
32
33		// Get pointer to the session structure
34	0	session = SessionGet(in->policySession);
35
36		// Do validation for non trial session
37	0	if(session->attributes.isTrialPolicy == CLEAR)
38	0	{
39		// Make sure that this is not going to invalidate a previous PCR check
40	0	if(session->pcrCounter != 0 && session->pcrCounter != gr.pcrCounter)
41	0	return TPM_RC_PCR_CHANGED;
42
43		// Compute current PCR digest
44	0	PCRComputeCurrentDigest(session->authHashAlg, &in->pcrs, &pcrDigest);
45
46		// If the caller specified the PCR digest and it does not
47		// match the current PCR settings, return an error..
48	0	if(in->pcrDigest.t.size != 0)
49	0	{
50	0	if(!Memory2BEqual(&in->pcrDigest.b, &pcrDigest.b))
51	0	return TPM_RC_VALUE + RC_PolicyPCR_pcrDigest;
52	0	}
53	0	}
54	0	else
55	0	{
56		// For trial session, just use the input PCR digest
57	0	pcrDigest = in->pcrDigest;
58	0	}
59		// Internal Data Update
60
61		// Update policy hash
62		// policyDigestnew = hash( policyDigestold \|\| TPM_CC_PolicyPCR
63		// \|\| pcrs \|\| pcrDigest)
64		// Start hash
65	0	CryptStartHash(session->authHashAlg, &hashState);
66
67		// add old digest
68	0	CryptUpdateDigest2B(&hashState, &session->u2.policyDigest.b);
69
70		// add commandCode
71	0	CryptUpdateDigestInt(&hashState, sizeof(TPM_CC), &commandCode);
72
73		// add PCRS
74	0	buffer = pcrs;
75	0	bufferSize = sizeof(TPML_PCR_SELECTION);
76	0	pcrSize = TPML_PCR_SELECTION_Marshal(&in->pcrs, &buffer, &bufferSize);
77	0	CryptUpdateDigest(&hashState, pcrSize, pcrs);
78
79		// add PCR digest
80	0	CryptUpdateDigest2B(&hashState, &pcrDigest.b);
81
82		// complete the hash and get the results
83	0	CryptCompleteHash2B(&hashState, &session->u2.policyDigest.b);
84
85		// update pcrCounter in session context for non trial session
86	0	if(session->attributes.isTrialPolicy == CLEAR)
87	0	{
88	0	session->pcrCounter = gr.pcrCounter;
89	0	}
90
91	0	return TPM_RC_SUCCESS;
92	0	}

Coverage Report

Created: 2025-07-12 06:49