//
// Construct command
//
SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_UndefineSpace);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
SendBuffer.NvIndex = SwapBytes32 (NvIndex);
//
// Add in Auth session
//
Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
Buffer += SessionInfoSize;
SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
/**
This command defines the attributes of an NV Index and causes the TPM to
reserve space to hold the data associated with the index.
If a definition already exists at the index, the TPM will return TPM_RC_NV_DEFINED.
@param[in] AuthHandle TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}.
@param[in] AuthSession Auth Session context
@param[in] Auth The authorization data.
@param[in] NvPublic The public area of the index.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
@retval EFI_ALREADY_STARTED The command was returned successfully, but NvIndex is already defined.
**/
EFI_STATUS
EFIAPI
Tpm2NvDefineSpace (
IN TPMI_RH_PROVISION AuthHandle,
IN TPMS_AUTH_COMMAND *AuthSession, OPTIONAL
IN TPM2B_AUTH *Auth,
IN TPM2B_NV_PUBLIC *NvPublic
)
{
EFI_STATUS Status;
TPM2_NV_DEFINESPACE_COMMAND SendBuffer;
TPM2_NV_DEFINESPACE_RESPONSE RecvBuffer;
UINT32 SendBufferSize;
UINT32 RecvBufferSize;
UINT16 NvPublicSize;
UINT8 *Buffer;
UINT32 SessionInfoSize;
TPM_RC ResponseCode;
//
// Construct command
//
SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_DefineSpace);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
//
// Add in Auth session
//
Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
Buffer += SessionInfoSize;
SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
//
// IndexAuth
//
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(Auth->size));
Buffer += sizeof(UINT16);
CopyMem(Buffer, Auth->buffer, Auth->size);
Buffer += Auth->size;
//
// NvPublic
//
NvPublicSize = NvPublic->size;
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NvPublicSize));
Buffer += sizeof(UINT16);
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NvPublic->nvPublic.nvIndex));
Buffer += sizeof(UINT32);
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NvPublic->nvPublic.nameAlg));
Buffer += sizeof(UINT16);
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (ReadUnaligned32 ((UINT32 *)&NvPublic->nvPublic.attributes)));
Buffer += sizeof(UINT32);
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NvPublic->nvPublic.authPolicy.size));
Buffer += sizeof(UINT16);
CopyMem (Buffer, NvPublic->nvPublic.authPolicy.buffer, NvPublic->nvPublic.authPolicy.size);
Buffer += NvPublic->nvPublic.authPolicy.size;
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NvPublic->nvPublic.dataSize));
Buffer += sizeof(UINT16);
SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2NvDefineSpace - RecvBufferSize Error - %x\n", RecvBufferSize));
Status = EFI_DEVICE_ERROR;
goto Done;
}
ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
if (ResponseCode != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "Tpm2NvDefineSpace - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
}
switch (ResponseCode) {
case TPM_RC_SUCCESS:
// return data
break;
case TPM_RC_SIZE + RC_NV_DefineSpace_publicInfo:
case TPM_RC_SIZE + RC_NV_DefineSpace_auth:
Status = EFI_BAD_BUFFER_SIZE;
break;
case TPM_RC_ATTRIBUTES:
case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_publicInfo:
Status = EFI_UNSUPPORTED;
break;
case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_authHandle:
Status = EFI_INVALID_PARAMETER;
break;
case TPM_RC_NV_DEFINED:
Status = EFI_ALREADY_STARTED;
break;
case TPM_RC_VALUE + RC_NV_DefineSpace_publicInfo:
case TPM_RC_VALUE + RC_NV_DefineSpace_authHandle:
Status = EFI_INVALID_PARAMETER;
break;
case TPM_RC_NV_SPACE:
Status = EFI_OUT_OF_RESOURCES;
break;
default:
Status = EFI_DEVICE_ERROR;
break;
}
Done:
//
// Clear AuthSession Content
//
ZeroMem (&SendBuffer, sizeof(SendBuffer));
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
return Status;
}
/**
This command allows setting of the authorization policy for the platform hierarchy (platformPolicy), the
storage hierarchy (ownerPolicy), and and the endorsement hierarchy (endorsementPolicy).
@param[in] AuthHandle TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} parameters to be validated
@param[in] AuthSession Auth Session context
@param[in] AuthPolicy An authorization policy hash
@param[in] HashAlg The hash algorithm to use for the policy
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
EFI_STATUS
EFIAPI
Tpm2SetPrimaryPolicy (
IN TPMI_RH_HIERARCHY_AUTH AuthHandle,
IN TPMS_AUTH_COMMAND *AuthSession,
IN TPM2B_DIGEST *AuthPolicy,
IN TPMI_ALG_HASH HashAlg
)
{
EFI_STATUS Status;
TPM2_SET_PRIMARY_POLICY_COMMAND SendBuffer;
TPM2_SET_PRIMARY_POLICY_RESPONSE RecvBuffer;
UINT32 SendBufferSize;
UINT32 RecvBufferSize;
UINT8 *Buffer;
UINT32 SessionInfoSize;
//
// Construct command
//
SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_SetPrimaryPolicy);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
//
// Add in Auth session
//
Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
Buffer += SessionInfoSize;
SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
//
// Real data
//
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(AuthPolicy->size));
Buffer += sizeof(UINT16);
CopyMem (Buffer, AuthPolicy->buffer, AuthPolicy->size);
Buffer += AuthPolicy->size;
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(HashAlg));
Buffer += sizeof(UINT16);
SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
return Status;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2SetPrimaryPolicy - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "Tpm2SetPrimaryPolicy - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
return EFI_SUCCESS;
}
/**
This command includes a secret-based authorization to a policy.
The caller proves knowledge of the secret value using an authorization
session using the authValue associated with authHandle.
@param[in] AuthHandle Handle for an entity providing the authorization
@param[in] PolicySession Handle for the policy session being extended.
@param[in] AuthSession Auth Session context
@param[in] NonceTPM The policy nonce for the session.
@param[in] CpHashA Digest of the command parameters to which this authorization is limited.
@param[in] PolicyRef A reference to a policy relating to the authorization.
@param[in] Expiration Time when authorization will expire, measured in seconds from the time that nonceTPM was generated.
@param[out] Timeout Time value used to indicate to the TPM when the ticket expires.
@param[out] PolicyTicket A ticket that includes a value indicating when the authorization expires.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
EFI_STATUS
EFIAPI
Tpm2PolicySecret (
IN TPMI_DH_ENTITY AuthHandle,
IN TPMI_SH_POLICY PolicySession,
IN TPMS_AUTH_COMMAND *AuthSession, OPTIONAL
IN TPM2B_NONCE *NonceTPM,
IN TPM2B_DIGEST *CpHashA,
IN TPM2B_NONCE *PolicyRef,
IN INT32 Expiration,
OUT TPM2B_TIMEOUT *Timeout,
OUT TPMT_TK_AUTH *PolicyTicket
)
{
EFI_STATUS Status;
TPM2_POLICY_SECRET_COMMAND SendBuffer;
TPM2_POLICY_SECRET_RESPONSE RecvBuffer;
UINT32 SendBufferSize;
UINT32 RecvBufferSize;
UINT8 *Buffer;
UINT32 SessionInfoSize;
//
// Construct command
//
SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PolicySecret);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
SendBuffer.PolicySession = SwapBytes32 (PolicySession);
//
// Add in Auth session
//
Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
Buffer += SessionInfoSize;
SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
//
// Real data
//
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(NonceTPM->size));
Buffer += sizeof(UINT16);
CopyMem (Buffer, NonceTPM->buffer, NonceTPM->size);
Buffer += NonceTPM->size;
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(CpHashA->size));
Buffer += sizeof(UINT16);
CopyMem (Buffer, CpHashA->buffer, CpHashA->size);
Buffer += CpHashA->size;
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(PolicyRef->size));
Buffer += sizeof(UINT16);
CopyMem (Buffer, PolicyRef->buffer, PolicyRef->size);
Buffer += PolicyRef->size;
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32((UINT32)Expiration));
Buffer += sizeof(UINT32);
SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2PolicySecret - RecvBufferSize Error - %x\n", RecvBufferSize));
Status = EFI_DEVICE_ERROR;
goto Done;
}
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "Tpm2PolicySecret - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
//
// Return the response
//
Buffer = (UINT8 *)&RecvBuffer.Timeout;
Timeout->size = SwapBytes16(ReadUnaligned16 ((UINT16 *)Buffer));
if (Timeout->size > sizeof(UINT64)) {
DEBUG ((DEBUG_ERROR, "Tpm2PolicySecret - Timeout->size error %x\n", Timeout->size));
Status = EFI_DEVICE_ERROR;
goto Done;
}
Buffer += sizeof(UINT16);
CopyMem (Timeout->buffer, Buffer, Timeout->size);
PolicyTicket->tag = SwapBytes16(ReadUnaligned16 ((UINT16 *)Buffer));
Buffer += sizeof(UINT16);
PolicyTicket->hierarchy = SwapBytes32(ReadUnaligned32 ((UINT32 *)Buffer));
Buffer += sizeof(UINT32);
PolicyTicket->digest.size = SwapBytes16(ReadUnaligned16 ((UINT16 *)Buffer));
Buffer += sizeof(UINT16);
if (PolicyTicket->digest.size > sizeof(TPMU_HA)) {
DEBUG ((DEBUG_ERROR, "Tpm2PolicySecret - digest.size error %x\n", PolicyTicket->digest.size));
Status = EFI_DEVICE_ERROR;
goto Done;
}
CopyMem (PolicyTicket->digest.buffer, Buffer, PolicyTicket->digest.size);
Done:
//
// Clear AuthSession Content
//
ZeroMem (&SendBuffer, sizeof(SendBuffer));
ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
return Status;
}
/**
This command is used to cause an update to the indicated PCR.
The digests parameter contains one or more tagged digest value identified by an algorithm ID.
For each digest, the PCR associated with pcrHandle is Extended into the bank identified by the tag (hashAlg).
@param[in] PcrHandle Handle of the PCR
@param[in] Digests List of tagged digest values to be extended
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
EFI_STATUS
EFIAPI
Tpm2PcrExtend (
IN TPMI_DH_PCR PcrHandle,
IN TPML_DIGEST_VALUES *Digests
)
{
EFI_STATUS Status;
TPM2_PCR_EXTEND_COMMAND Cmd;
TPM2_PCR_EXTEND_RESPONSE Res;
UINT32 CmdSize;
UINT32 RespSize;
UINT32 ResultBufSize;
UINT8 *Buffer;
UINTN Index;
UINT32 SessionInfoSize;
UINT16 DigestSize;
Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
Cmd.Header.commandCode = SwapBytes32(TPM_CC_PCR_Extend);
Cmd.PcrHandle = SwapBytes32(PcrHandle);
//
// Add in Auth session
//
Buffer = (UINT8 *)&Cmd.AuthSessionPcr;
// sessionInfoSize
SessionInfoSize = CopyAuthSessionCommand (NULL, Buffer);
Buffer += SessionInfoSize;
Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
//Digest Count
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(Digests->count));
Buffer += sizeof(UINT32);
//Digest
for (Index = 0; Index < Digests->count; Index++) {
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(Digests->digests[Index].hashAlg));
Buffer += sizeof(UINT16);
DigestSize = GetHashSizeFromAlgo (Digests->digests[Index].hashAlg);
if (DigestSize == 0) {
DEBUG ((EFI_D_ERROR, "Unknown hash algorithm %d\r\n", Digests->digests[Index].hashAlg));
return EFI_DEVICE_ERROR;
}
CopyMem(
Buffer,
&Digests->digests[Index].digest,
DigestSize
);
Buffer += DigestSize;
}
CmdSize = (UINT32)((UINTN)Buffer - (UINTN)&Cmd);
Cmd.Header.paramSize = SwapBytes32(CmdSize);
ResultBufSize = sizeof(Res);
Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
if (EFI_ERROR(Status)) {
return Status;
}
if (ResultBufSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer Too Small\r\n"));
return EFI_BUFFER_TOO_SMALL;
}
//
// Validate response headers
//
RespSize = SwapBytes32(Res.Header.paramSize);
if (RespSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Response size too large! %d\r\n", RespSize));
return EFI_BUFFER_TOO_SMALL;
}
//
// Fail if command failed
//
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
//
// Unmarshal the response
//
// None
return EFI_SUCCESS;
}
/**
This command is used to set the desired PCR allocation of PCR and algorithms.
@param[in] AuthHandle TPM_RH_PLATFORM+{PP}
@param[in] AuthSession Auth Session context
@param[in] PcrAllocation The requested allocation
@param[out] AllocationSuccess YES if the allocation succeeded
@param[out] MaxPCR maximum number of PCR that may be in a bank
@param[out] SizeNeeded number of octets required to satisfy the request
@param[out] SizeAvailable Number of octets available. Computed before the allocation
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
EFI_STATUS
EFIAPI
Tpm2PcrAllocate (
IN TPMI_RH_PLATFORM AuthHandle,
IN TPMS_AUTH_COMMAND *AuthSession,
IN TPML_PCR_SELECTION *PcrAllocation,
OUT TPMI_YES_NO *AllocationSuccess,
OUT UINT32 *MaxPCR,
OUT UINT32 *SizeNeeded,
OUT UINT32 *SizeAvailable
)
{
EFI_STATUS Status;
TPM2_PCR_ALLOCATE_COMMAND Cmd;
TPM2_PCR_ALLOCATE_RESPONSE Res;
UINT32 CmdSize;
UINT32 RespSize;
UINT8 *Buffer;
UINT32 SessionInfoSize;
UINT8 *ResultBuf;
UINT32 ResultBufSize;
UINTN Index;
//
// Construct command
//
Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
Cmd.Header.commandCode = SwapBytes32(TPM_CC_PCR_Allocate);
Cmd.AuthHandle = SwapBytes32(AuthHandle);
//
// Add in Auth session
//
Buffer = (UINT8 *)&Cmd.AuthSession;
// sessionInfoSize
SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
Buffer += SessionInfoSize;
Cmd.AuthSessionSize = SwapBytes32(SessionInfoSize);
// Count
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(PcrAllocation->count));
Buffer += sizeof(UINT32);
for (Index = 0; Index < PcrAllocation->count; Index++) {
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(PcrAllocation->pcrSelections[Index].hash));
Buffer += sizeof(UINT16);
*(UINT8 *)Buffer = PcrAllocation->pcrSelections[Index].sizeofSelect;
Buffer++;
CopyMem (Buffer, PcrAllocation->pcrSelections[Index].pcrSelect, PcrAllocation->pcrSelections[Index].sizeofSelect);
Buffer += PcrAllocation->pcrSelections[Index].sizeofSelect;
}
CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
Cmd.Header.paramSize = SwapBytes32(CmdSize);
ResultBuf = (UINT8 *) &Res;
ResultBufSize = sizeof(Res);
//
// Call the TPM
//
Status = Tpm2SubmitCommand (
CmdSize,
(UINT8 *)&Cmd,
&ResultBufSize,
ResultBuf
);
if (EFI_ERROR(Status)) {
goto Done;
}
if (ResultBufSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer Too Small\r\n"));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
}
//
// Validate response headers
//
RespSize = SwapBytes32(Res.Header.paramSize);
if (RespSize > sizeof(Res)) {
DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Response size too large! %d\r\n", RespSize));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
}
//
// Fail if command failed
//
if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG((EFI_D_ERROR,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
//
// Return the response
//
*AllocationSuccess = Res.AllocationSuccess;
*MaxPCR = SwapBytes32(Res.MaxPCR);
*SizeNeeded = SwapBytes32(Res.SizeNeeded);
*SizeAvailable = SwapBytes32(Res.SizeAvailable);
Done:
//
// Clear AuthSession Content
//
ZeroMem (&Cmd, sizeof(Cmd));
ZeroMem (&Res, sizeof(Res));
return Status;
}
/**
This command allows the platform to change the set of algorithms that are used by the TPM.
The algorithmSet setting is a vendor-dependent value.
@param[in] AuthHandle TPM_RH_PLATFORM
@param[in] AuthSession Auth Session context
@param[in] AlgorithmSet A TPM vendor-dependent value indicating the
algorithm set selection
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
EFI_STATUS
EFIAPI
Tpm2SetAlgorithmSet (
IN TPMI_RH_PLATFORM AuthHandle,
IN TPMS_AUTH_COMMAND *AuthSession,
IN UINT32 AlgorithmSet
)
{
EFI_STATUS Status;
TPM2_SET_ALGORITHM_SET_COMMAND SendBuffer;
TPM2_SET_ALGORITHM_SET_RESPONSE RecvBuffer;
UINT32 SendBufferSize;
UINT32 RecvBufferSize;
UINT8 *Buffer;
UINT32 SessionInfoSize;
//
// Construct command
//
SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_SetAlgorithmSet);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
//
// Add in Auth session
//
Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
Buffer += SessionInfoSize;
SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
//
// Real data
//
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(AlgorithmSet));
Buffer += sizeof(UINT32);
SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
return Status;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((EFI_D_ERROR, "Tpm2SetAlgorithmSet - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "Tpm2SetAlgorithmSet - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
return EFI_SUCCESS;
}