Provides internal functions for policy execution.
◆ get_policy_digest_idx()
TSS2_RC get_policy_digest_idx(TPML_DIGEST_VALUES *digest_values, TPMI_ALG_HASH hashAlg, size_t *idx)
Compute the index for the current digest list and clear the digest.
The list is searched for the entry with the given hash algorithm. The digest that is found is set to zero.
- Parameters
[in,out] | digest_values | The list of policy digests and corresponding hash algorithms. |
[in] | hashAlg | The hash algorithm to be searched. |
[out] | idx | The index of the found digest. |
- Return values
TSS2_RC_SUCCESS | on success. |
TSS2_FAPI_RC_BAD_VALUE | If no appropriate digest was found in the digest list. |
◆ ifapi_extend_authorization()
Add a new authorization to a policy.
The signed hash computed from the policy digest and the policyRef, together with the public key of the key used for signing, will be stored in the policy.
- Parameters
[in,out] | policy | The policy to be authorized. |
[in] | authorization | The structure with the signature, the policyRef and the public key. |
- Return values
TSS2_RC_SUCCESS | on success. |
TSS2_FAPI_RC_MEMORY | If the memory for the authorization list cannot be allocated. |
◆ ifapi_policyeval_execute()
Execute all policy commands defined by a list of policy elements.
- Return values
TSS2_RC_SUCCESS | on success. |
TSS2_FAPI_RC_MEMORY | if not enough memory can be allocated. |
TSS2_FAPI_RC_BAD_VALUE | If wrong values are detected during execution. |
TSS2_FAPI_RC_IO_ERROR | If an error occurs during access to the policy store. |
TSS2_FAPI_RC_POLICY_UNKNOWN | If policy search for a certain policy digest was not successful. |
TSS2_FAPI_RC_BAD_TEMPLATE | If an invalid policy is loaded during execution. |
TSS2_FAPI_RC_TRY_AGAIN | if an I/O operation is not finished yet and this function needs to be called again. |
TSS2_FAPI_RC_GENERAL_FAILURE | if an internal error occurred. |
TSS2_FAPI_RC_BAD_SEQUENCE | if the context has an asynchronous operation already pending. |
TSS2_FAPI_RC_BAD_REFERENCE | if an invalid null pointer is passed. |
TSS2_FAPI_RC_PATH_NOT_FOUND | if a FAPI object path was not found during authorization. |
TSS2_FAPI_RC_KEY_NOT_FOUND | if a key was not found. |
TSS2_FAPI_RC_AUTHORIZATION_UNKNOWN | if a required authorization callback is not set. |
TSS2_FAPI_RC_AUTHORIZATION_FAILED | if the authorization attempt fails. |
TSS2_ESYS_RC_* | possible error codes of ESAPI. |
TSS2_FAPI_RC_BAD_PATH | if the path is used in inappropriate context or contains illegal characters. |
TSS2_FAPI_RC_NOT_PROVISIONED | FAPI was not provisioned. |
◆ ifapi_policyeval_execute_prepare()
Initialize policy element list to be executed and store policy in context.
- Parameters
[in] | pol_ctx | Context for execution of a list of policy elements. |
[in] | hash_alg | The hash algorithm used for the policy computation. |
[in,out] | policy | The policy to be executed. Some policy elements will be used to store computed parameters needed for policy execution. |
- Return values
TSS2_RC_SUCCESS | on success. |
TSS2_FAPI_RC_AUTHORIZATION_UNKNOWN | If the callback for branch selection is not defined. This callback is needed if OR policies have to be executed. |
TSS2_FAPI_RC_BAD_VALUE | If the computed branch index delivered by the callback does not identify a branch. |
TSS2_FAPI_RC_MEMORY | if not enough memory can be allocated. |
TSS2_FAPI_RC_BAD_REFERENCE | if an invalid null pointer is passed. |
TSS2_FAPI_RC_AUTHORIZATION_FAILED | if the authorization attempt fails. |