Accueil Explorer Aide
Connexion
SoftwareDesign
/
csu3_am335x
8
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: 360e921881
Branches Tags
csu3_am335x
/
EVSE
/
GPL
/
ibmtpm1682
/
src
/
ContextCommands.c

ContextCommands.c 20 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476 
  1. /********************************************************************************/
    2. 

  2. /*										*/
    3. 

  3. /*			   Context Management	  				*/
    4. 

  4. /*			     Written by Ken Goldman				*/
    5. 

  5. /*		       IBM Thomas J. Watson Research Center			*/
    6. 

  6. /*            $Id: ContextCommands.c 1671 2021-06-03 18:30:41Z kgoldman $	*/
    7. 

  7. /*										*/
    8. 

  8. /*  Licenses and Notices							*/
    9. 

  9. /*										*/
    10. 

  10. /*  1. Copyright Licenses:							*/
    11. 

  11. /*										*/
    12. 

  12. /*  - Trusted Computing Group (TCG) grants to the user of the source code in	*/
    13. 

  13. /*    this specification (the "Source Code") a worldwide, irrevocable, 		*/
    14. 

  14. /*    nonexclusive, royalty free, copyright license to reproduce, create 	*/
    15. 

  15. /*    derivative works, distribute, display and perform the Source Code and	*/
    16. 

  16. /*    derivative works thereof, and to grant others the rights granted herein.	*/
    17. 

  17. /*										*/
    18. 

  18. /*  - The TCG grants to the user of the other parts of the specification 	*/
    19. 

  19. /*    (other than the Source Code) the rights to reproduce, distribute, 	*/
    20. 

  20. /*    display, and perform the specification solely for the purpose of 		*/
    21. 

  21. /*    developing products based on such documents.				*/
    22. 

  22. /*										*/
    23. 

  23. /*  2. Source Code Distribution Conditions:					*/
    24. 

  24. /*										*/
    25. 

  25. /*  - Redistributions of Source Code must retain the above copyright licenses, 	*/
    26. 

  26. /*    this list of conditions and the following disclaimers.			*/
    27. 

  27. /*										*/
    28. 

  28. /*  - Redistributions in binary form must reproduce the above copyright 	*/
    29. 

  29. /*    licenses, this list of conditions	and the following disclaimers in the 	*/
    30. 

  30. /*    documentation and/or other materials provided with the distribution.	*/
    31. 

  31. /*										*/
    32. 

  32. /*  3. Disclaimers:								*/
    33. 

  33. /*										*/
    34. 

  34. /*  - THE COPYRIGHT LICENSES SET FORTH ABOVE DO NOT REPRESENT ANY FORM OF	*/
    35. 

  35. /*  LICENSE OR WAIVER, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, WITH	*/
    36. 

  36. /*  RESPECT TO PATENT RIGHTS HELD BY TCG MEMBERS (OR OTHER THIRD PARTIES)	*/
    37. 

  37. /*  THAT MAY BE NECESSARY TO IMPLEMENT THIS SPECIFICATION OR OTHERWISE.		*/
    38. 

  38. /*  Contact TCG Administration (admin@trustedcomputinggroup.org) for 		*/
    39. 

  39. /*  information on specification licensing rights available through TCG 	*/
    40. 

  40. /*  membership agreements.							*/
    41. 

  41. /*										*/
    42. 

  42. /*  - THIS SPECIFICATION IS PROVIDED "AS IS" WITH NO EXPRESS OR IMPLIED 	*/
    43. 

  43. /*    WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY OR 	*/
    44. 

  44. /*    FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, COMPLETENESS, OR 		*/
    45. 

  45. /*    NONINFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS, OR ANY WARRANTY 		*/
    46. 

  46. /*    OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE.		*/
    47. 

  47. /*										*/
    48. 

  48. /*  - Without limitation, TCG and its members and licensors disclaim all 	*/
    49. 

  49. /*    liability, including liability for infringement of any proprietary 	*/
    50. 

  50. /*    rights, relating to use of information in this specification and to the	*/
    51. 

  51. /*    implementation of this specification, and TCG disclaims all liability for	*/
    52. 

  52. /*    cost of procurement of substitute goods or services, lost profits, loss 	*/
    53. 

  53. /*    of use, loss of data or any incidental, consequential, direct, indirect, 	*/
    54. 

  54. /*    or special damages, whether under contract, tort, warranty or otherwise, 	*/
    55. 

  55. /*    arising in any way out of use or reliance upon this specification or any 	*/
    56. 

  56. /*    information herein.							*/
    57. 

  57. /*										*/
    58. 

  58. /*  (c) Copyright IBM Corp. and others, 2016 - 2021				*/
    59. 

  59. /*										*/
    60. 

  60. /********************************************************************************/
    61. 

  61. 

  62. #include "Tpm.h"
    63. 

  63. #include "ContextSave_fp.h"
    64. 

  64. #if CC_ContextSave  // Conditional expansion of this file
    65. 

  65. #include "Context_spt_fp.h"
    66. 

  66. 

  67. extern int verbose;
    68. 

  68. 

  69. /* Error Returns Meaning */
    70. 

  70. /* TPM_RC_CONTEXT_GAP a contextID could not be assigned for a session context save */
    71. 

  71. /* TPM_RC_TOO_MANY_CONTEXTS no more contexts can be saved as the counter has maxed out */
    72. 

  72. TPM_RC
    73. 

  73. TPM2_ContextSave(
    74. 

  74. 		 ContextSave_In      *in,            // IN: input parameter list
    75. 

  75. 		 ContextSave_Out     *out            // OUT: output parameter list
    76. 

  76. 		 )
    77. 

  77. {
    78. 

  78.     TPM_RC          result = TPM_RC_SUCCESS;
    79. 

  79.     UINT16          fingerprintSize;    // The size of fingerprint in context
    80. 

  80.     // blob.
    81. 

  81.     UINT64          contextID = 0;      // session context ID
    82. 

  82.     TPM2B_SYM_KEY   symKey;
    83. 

  83.     TPM2B_IV        iv;
    84. 

  84.     TPM2B_DIGEST    integrity;
    85. 

  85.     UINT16          integritySize;
    86. 

  86.     BYTE            *buffer;
    87. 

  87.     if (verbose) {
    88. 

  88. 	FILE *f = fopen("trace.txt", "a");
    89. 

  89. 	fprintf(f, "TPM2_ContextSave: %08x\n", in->saveHandle);
    90. 

  90. 	fclose(f);
    91. 

  91.     }
    92. 

  92.     // This command may cause the orderlyState to be cleared due to
    93. 

  93.     // the update of state reset data. If the state is orderly and
    94. 

  94.     // cannot be changed, exit early.
    95. 

  95.     RETURN_IF_ORDERLY;
    96. 

  96. 

  97.     // Internal Data Update
    98. 

  98. 

  99.     // This implementation does not do things in quite the same way as described in
    100. 

  100.     // Part 2 of the specification. In Part 2, it indicates that the
    101. 

  101.     // TPMS_CONTEXT_DATA contains two TPM2B values. That is not how this is
    102. 

  102.     // implemented. Rather, the size field of the TPM2B_CONTEXT_DATA is used to
    103. 

  103.     // determine the amount of data in the encrypted data. That part is not
    104. 

  104.     // independently sized. This makes the actual size 2 bytes smaller than
    105. 

  105.     // calculated using Part 2. Since this is opaque to the caller, it is not
    106. 

  106.     // necessary to fix. The actual size is returned by TPM2_GetCapabilties().
    107. 

  107. 

  108.     // Initialize output handle.  At the end of command action, the output
    109. 

  109.     // handle of an object will be replaced, while the output handle
    110. 

  110.     // for a session will be the same as input
    111. 

  111.     out->context.savedHandle = in->saveHandle;
    112. 

  112.     // Get the size of fingerprint in context blob.  The sequence value in
    113. 

  113.     // TPMS_CONTEXT structure is used as the fingerprint
    114. 

  114.     fingerprintSize = sizeof(out->context.sequence);
    115. 

  115.     // Compute the integrity size at the beginning of context blob
    116. 

  116.     integritySize = sizeof(integrity.t.size)
    117. 

  117. 		    + CryptHashGetDigestSize(CONTEXT_INTEGRITY_HASH_ALG);
    118. 

  118.     // Perform object or session specific context save
    119. 

  119.     switch(HandleGetType(in->saveHandle))
    120. 

  120. 	{
    121. 

  121. 	  case TPM_HT_TRANSIENT:
    122. 

  122. 	      {
    123. 

  123. 		  OBJECT              *object = HandleToObject(in->saveHandle);
    124. 

  124. 		  ANY_OBJECT_BUFFER   *outObject;
    125. 

  125. 		  UINT16               objectSize = ObjectIsSequence(object)
    126. 

  126. 						    ? sizeof(HASH_OBJECT) : sizeof(OBJECT);
    127. 

  127. 		  outObject = (ANY_OBJECT_BUFFER *)(out->context.contextBlob.t.buffer
    128. 

  128. 						    + integritySize + fingerprintSize);
    129. 

  129. 		  // Set size of the context data.  The contents of context blob is vendor
    130. 

  130. 		  // defined.  In this implementation, the size is size of integrity
    131. 

  131. 		  // plus fingerprint plus the whole internal OBJECT structure
    132. 

  132. 		  out->context.contextBlob.t.size = integritySize +
    133. 

  133. 						    fingerprintSize + objectSize;
    134. 

  134. 		  // Make sure things fit
    135. 

  135. 		  pAssert(out->context.contextBlob.t.size
    136. 

  136. 			  <= sizeof(out->context.contextBlob.t.buffer));
    137. 

  137. 		  // Copy the whole internal OBJECT structure to context blob
    138. 

  138. 		  MemoryCopy(outObject, object, objectSize);
    139. 

  139. 		  // Increment object context ID
    140. 

  140. 		  gr.objectContextID++;
    141. 

  141. 		  // If object context ID overflows, TPM should be put in failure mode
    142. 

  142. 		  if(gr.objectContextID == 0)
    143. 

  143. 		      FAIL(FATAL_ERROR_INTERNAL);
    144. 

  144. 		  // Fill in other return values for an object.
    145. 

  145. 		  out->context.sequence = gr.objectContextID;
    146. 

  146. 		  // For regular object, savedHandle is 0x80000000.  For sequence object,
    147. 

  147. 		  // savedHandle is 0x80000001.  For object with stClear, savedHandle
    148. 

  148. 		  // is 0x80000002
    149. 

  149. 		  if(ObjectIsSequence(object))
    150. 

  150. 		      {
    151. 

  151. 			  out->context.savedHandle = 0x80000001;
    152. 

  152. 			  SequenceDataExport((HASH_OBJECT *)object,
    153. 

  153. 					     (HASH_OBJECT_BUFFER *)outObject);
    154. 

  154. 		      }
    155. 

  155. 		  else
    156. 

  156. 		      out->context.savedHandle = (object->attributes.stClear == SET)
    157. 

  157. 						 ? 0x80000002 : 0x80000000;
    158. 

  158. 		  // Get object hierarchy
    159. 

  159. 		  out->context.hierarchy = ObjectGetHierarchy(object);
    160. 

  160. 		  break;
    161. 

  161. 	      }
    162. 

  162. 	  case TPM_HT_HMAC_SESSION:
    163. 

  163. 	  case TPM_HT_POLICY_SESSION:
    164. 

  164. 	      {
    165. 

  165. 		  SESSION         *session = SessionGet(in->saveHandle);
    166. 

  166. 		  // Set size of the context data.  The contents of context blob is vendor
    167. 

  167. 		  // defined.  In this implementation, the size of context blob is the
    168. 

  168. 		  // size of a internal session structure plus the size of
    169. 

  169. 		  // fingerprint plus the size of integrity
    170. 

  170. 		  out->context.contextBlob.t.size = integritySize +
    171. 

  171. 						    fingerprintSize + sizeof(*session);
    172. 

  172. 		  // Make sure things fit
    173. 

  173. 		  pAssert(out->context.contextBlob.t.size
    174. 

  174. 			  < sizeof(out->context.contextBlob.t.buffer));
    175. 

  175. 		  // Copy the whole internal SESSION structure to context blob.
    176. 

  176. 		  // Save space for fingerprint at the beginning of the buffer
    177. 

  177. 		  // This is done before anything else so that the actual context
    178. 

  178. 		  // can be reclaimed after this call
    179. 

  179. 		  pAssert(sizeof(*session) <= sizeof(out->context.contextBlob.t.buffer)
    180. 

  180. 			  - integritySize - fingerprintSize);
    181. 

  181. 		  MemoryCopy(out->context.contextBlob.t.buffer + integritySize
    182. 

  182. 			     + fingerprintSize, session, sizeof(*session));
    183. 

  183. 		  // Fill in the other return parameters for a session
    184. 

  184. 		  // Get a context ID and set the session tracking values appropriately
    185. 

  185. 		  // TPM_RC_CONTEXT_GAP is a possible error.
    186. 

  186. 		  // SessionContextSave() will flush the in-memory context
    187. 

  187. 		  // so no additional errors may occur after this call.
    188. 

  188. 		  result = SessionContextSave(out->context.savedHandle, &contextID);
    189. 

  189. 		  if(result != TPM_RC_SUCCESS)
    190. 

  190. 		      return result;
    191. 

  191. 		  // sequence number is the current session contextID
    192. 

  192. 		  out->context.sequence = contextID;
    193. 

  193. 		  // use TPM_RH_NULL as hierarchy for session context
    194. 

  194. 		  out->context.hierarchy = TPM_RH_NULL;
    195. 

  195. 		  break;
    196. 

  196. 	      }
    197. 

  197. 	  default:
    198. 

  198. 	    // SaveContext may only take an object handle or a session handle.
    199. 

  199. 	    // All the other handle type should be filtered out at unmarshal
    200. 

  200. 	    FAIL(FATAL_ERROR_INTERNAL);
    201. 

  201. 	    break;
    202. 

  202. 	}
    203. 

  203.     // Save fingerprint at the beginning of encrypted area of context blob.
    204. 

  204.     // Reserve the integrity space
    205. 

  205.     pAssert(sizeof(out->context.sequence) <=
    206. 

  206. 	    sizeof(out->context.contextBlob.t.buffer) - integritySize);
    207. 

  207.     MemoryCopy(out->context.contextBlob.t.buffer + integritySize,
    208. 

  208. 	       &out->context.sequence, sizeof(out->context.sequence));
    209. 

  209.     // Compute context encryption key
    210. 

  210.     ComputeContextProtectionKey(&out->context, &symKey, &iv);
    211. 

  211.     // Encrypt context blob
    212. 

  212.     CryptSymmetricEncrypt(out->context.contextBlob.t.buffer + integritySize,
    213. 

  213. 			  CONTEXT_ENCRYPT_ALG, CONTEXT_ENCRYPT_KEY_BITS,
    214. 

  214. 			  symKey.t.buffer, &iv, TPM_ALG_CFB,
    215. 

  215. 			  out->context.contextBlob.t.size - integritySize,
    216. 

  216. 			  out->context.contextBlob.t.buffer + integritySize);
    217. 

  217.     // Compute integrity hash for the object
    218. 

  218.     // In this implementation, the same routine is used for both sessions
    219. 

  219.     // and objects.
    220. 

  220.     ComputeContextIntegrity(&out->context, &integrity);
    221. 

  221.     // add integrity at the beginning of context blob
    222. 

  222.     buffer = out->context.contextBlob.t.buffer;
    223. 

  223.     TPM2B_DIGEST_Marshal(&integrity, &buffer, NULL);
    224. 

  224.     // orderly state should be cleared because of the update of state reset and
    225. 

  225.     // state clear data
    226. 

  226.     g_clearOrderly = TRUE;
    227. 

  227.     return result;
    228. 

  228. }
    229. 

  229. #endif // CC_ContextSave
    230. 

  230. #include "Tpm.h"
    231. 

  231. #include "ContextLoad_fp.h"
    232. 

  232. #if CC_ContextLoad  // Conditional expansion of this file
    233. 

  233. #include "Context_spt_fp.h"
    234. 

  234. TPM_RC
    235. 

  235. TPM2_ContextLoad(
    236. 

  236. 		 ContextLoad_In      *in,            // IN: input parameter list
    237. 

  237. 		 ContextLoad_Out     *out            // OUT: output parameter list
    238. 

  238. 		 )
    239. 

  239. {
    240. 

  240.     TPM_RC              result;
    241. 

  241.     TPM2B_DIGEST        integrityToCompare;
    242. 

  242.     TPM2B_DIGEST        integrity;
    243. 

  243.     BYTE                *buffer;    // defined to save some typing
    244. 

  244.     INT32               size;       // defined to save some typing
    245. 

  245.     TPM_HT              handleType;
    246. 

  246.     TPM2B_SYM_KEY       symKey;
    247. 

  247.     TPM2B_IV            iv;
    248. 

  248.     // Input Validation
    249. 

  249. 

  250.     // See discussion about the context format in TPM2_ContextSave Detailed Actions
    251. 

  251. 

  252.     // IF this is a session context, make sure that the sequence number is
    253. 

  253.     // consistent with the version in the slot
    254. 

  254.     // Check context blob size
    255. 

  255.     handleType = HandleGetType(in->context.savedHandle);
    256. 

  256.     // Get integrity from context blob
    257. 

  257.     buffer = in->context.contextBlob.t.buffer;
    258. 

  258.     size = (INT32)in->context.contextBlob.t.size;
    259. 

  259.     result = TPM2B_DIGEST_Unmarshal(&integrity, &buffer, &size);
    260. 

  260.     if(result != TPM_RC_SUCCESS)
    261. 

  261. 	return result;
    262. 

  262.     // the size of the integrity value has to match the size of digest produced
    263. 

  263.     // by the integrity hash
    264. 

  264.     if(integrity.t.size != CryptHashGetDigestSize(CONTEXT_INTEGRITY_HASH_ALG))
    265. 

  265. 	return TPM_RCS_SIZE + RC_ContextLoad_context;
    266. 

  266.     // Make sure that the context blob has enough space for the fingerprint. This
    267. 

  267.     // is elastic pants to go with the belt and suspenders we already have to make
    268. 

  268.     // sure that the context is complete and untampered.
    269. 

  269.     if((unsigned)size < sizeof(in->context.sequence))
    270. 

  270. 	return TPM_RCS_SIZE + RC_ContextLoad_context;
    271. 

  271.     // After unmarshaling the integrity value, 'buffer' is pointing at the first
    272. 

  272.     // byte of the integrity protected and encrypted buffer and 'size' is the number
    273. 

  273.     // of integrity protected and encrypted bytes.
    274. 

  274.     // Compute context integrity
    275. 

  275.     ComputeContextIntegrity(&in->context, &integrityToCompare);
    276. 

  276.     // Compare integrity
    277. 

  277.     if(!MemoryEqual2B(&integrity.b, &integrityToCompare.b))
    278. 

  278. 	return TPM_RCS_INTEGRITY + RC_ContextLoad_context;
    279. 

  279.     // Compute context encryption key
    280. 

  280.     ComputeContextProtectionKey(&in->context, &symKey, &iv);
    281. 

  281.     // Decrypt context data in place
    282. 

  282.     CryptSymmetricDecrypt(buffer, CONTEXT_ENCRYPT_ALG, CONTEXT_ENCRYPT_KEY_BITS,
    283. 

  283. 			  symKey.t.buffer, &iv, TPM_ALG_CFB, size, buffer);
    284. 

  284.     // See if the fingerprint value matches. If not, it is symptomatic of either
    285. 

  285.     // a broken TPM or that the TPM is under attack so go into failure mode.
    286. 

  286.     if(!MemoryEqual(buffer, &in->context.sequence, sizeof(in->context.sequence)))
    287. 

  287. 	FAIL(FATAL_ERROR_INTERNAL);
    288. 

  288.     // step over fingerprint
    289. 

  289.     buffer += sizeof(in->context.sequence);
    290. 

  290.     // set the remaining size of the context
    291. 

  291.     size -= sizeof(in->context.sequence);
    292. 

  292.     // Perform object or session specific input check
    293. 

  293.     switch(handleType)
    294. 

  294. 	{
    295. 

  295. 	  case TPM_HT_TRANSIENT:
    296. 

  296. 	      {
    297. 

  297. 		  OBJECT      *outObject;
    298. 

  298. 		  if(size > (INT32)sizeof(OBJECT))
    299. 

  299. 		      FAIL(FATAL_ERROR_INTERNAL);
    300. 

  300. 		  // Discard any changes to the handle that the TRM might have made
    301. 

  301. 		  in->context.savedHandle = TRANSIENT_FIRST;
    302. 

  302. 		  // If hierarchy is disabled, no object context can be loaded in this
    303. 

  303. 		  // hierarchy
    304. 

  304. 		  if(!HierarchyIsEnabled(in->context.hierarchy))
    305. 

  305. 		      return TPM_RCS_HIERARCHY + RC_ContextLoad_context;
    306. 

  306. 		  // Restore object. If there is no empty space, indicate as much
    307. 

  307. 		  outObject = ObjectContextLoad((ANY_OBJECT_BUFFER *)buffer,
    308. 

  308. 						&out->loadedHandle);
    309. 

  309. 		  if(outObject == NULL)
    310. 

  310. 		      return TPM_RC_OBJECT_MEMORY;
    311. 

  311. 		  break;
    312. 

  312. 	      }
    313. 

  313. 	  case TPM_HT_POLICY_SESSION:
    314. 

  314. 	  case TPM_HT_HMAC_SESSION:
    315. 

  315. 	      {
    316. 

  316. 		  if(size != sizeof(SESSION))
    317. 

  317. 		      FAIL(FATAL_ERROR_INTERNAL);
    318. 

  318. 		  // This command may cause the orderlyState to be cleared due to
    319. 

  319. 		  // the update of state reset data.  If this is the case, check if NV is
    320. 

  320. 		  // available first
    321. 

  321. 		  RETURN_IF_ORDERLY;
    322. 

  322. 		  // Check if input handle points to a valid saved session and that the
    323. 

  323. 		  // sequence number makes sense
    324. 

  324. 		  if(!SequenceNumberForSavedContextIsValid(&in->context))
    325. 

  325. 		      return TPM_RCS_HANDLE + RC_ContextLoad_context;
    326. 

  326. 		  // Restore session.  A TPM_RC_SESSION_MEMORY, TPM_RC_CONTEXT_GAP error
    327. 

  327. 		  // may be returned at this point
    328. 

  328. 		  result = SessionContextLoad((SESSION_BUF *)buffer,
    329. 

  329. 					      &in->context.savedHandle);
    330. 

  330. 		  if(result != TPM_RC_SUCCESS)
    331. 

  331. 		      return result;
    332. 

  332. 		  out->loadedHandle = in->context.savedHandle;
    333. 

  333. 		  // orderly state should be cleared because of the update of state
    334. 

  334. 		  // reset and state clear data
    335. 

  335. 		  g_clearOrderly = TRUE;
    336. 

  336. 		  break;
    337. 

  337. 	      }
    338. 

  338. 	  default:
    339. 

  339. 	    // Context blob may only have an object handle or a session handle.
    340. 

  340. 	    // All the other handle type should be filtered out at unmarshal
    341. 

  341. 	    FAIL(FATAL_ERROR_INTERNAL);
    342. 

  342. 	    break;
    343. 

  343. 	}
    344. 

  344.     if (verbose) {
    345. 

  345. 	FILE *f = fopen("trace.txt", "a");
    346. 

  346. 	fprintf(f, "TPM2_ContextLoad: %08x\n", out->loadedHandle);
    347. 

  347. 	fclose(f);
    348. 

  348.     }
    349. 

  349.     return TPM_RC_SUCCESS;
    350. 

  350. }
    351. 

  351. #endif // CC_ContextLoad
    352. 

  352. #include "Tpm.h"
    353. 

  353. #include "FlushContext_fp.h"
    354. 

  354. #if CC_FlushContext  // Conditional expansion of this file
    355. 

  355. TPM_RC
    356. 

  356. TPM2_FlushContext(
    357. 

  357. 		  FlushContext_In     *in             // IN: input parameter list
    358. 

  358. 		  )
    359. 

  359. {
    360. 

  360.     if (verbose) {
    361. 

  361. 	FILE *f = fopen("trace.txt", "a");
    362. 

  362. 	fprintf(f, "TPM2_FlushContext: %08x\n", in->flushHandle);
    363. 

  363. 	fclose(f);
    364. 

  364.     }
    365. 

  365.     // Internal Data Update
    366. 

  366.     // Call object or session specific routine to flush
    367. 

  367.     switch(HandleGetType(in->flushHandle))
    368. 

  368. 	{
    369. 

  369. 	  case TPM_HT_TRANSIENT:
    370. 

  370. 	    if(!IsObjectPresent(in->flushHandle))
    371. 

  371. 		return TPM_RCS_HANDLE + RC_FlushContext_flushHandle;
    372. 

  372. 	    // Flush object
    373. 

  373. 	    FlushObject(in->flushHandle);
    374. 

  374. 	    break;
    375. 

  375. 	  case TPM_HT_HMAC_SESSION:
    376. 

  376. 	  case TPM_HT_POLICY_SESSION:
    377. 

  377. 	    if(!SessionIsLoaded(in->flushHandle)
    378. 

  378. 	       && !SessionIsSaved(in->flushHandle)
    379. 

  379. 	       )
    380. 

  380. 		return TPM_RCS_HANDLE + RC_FlushContext_flushHandle;
    381. 

  381. 	    // If the session to be flushed is the exclusive audit session, then
    382. 

  382. 	    // indicate that there is no exclusive audit session any longer.
    383. 

  383. 	    if(in->flushHandle == g_exclusiveAuditSession)
    384. 

  384. 		g_exclusiveAuditSession = TPM_RH_UNASSIGNED;
    385. 

  385. 	    // Flush session
    386. 

  386. 	    SessionFlush(in->flushHandle);
    387. 

  387. 	    break;
    388. 

  388. 	  default:
    389. 

  389. 	    // This command only takes object or session handle.  Other handles
    390. 

  390. 	    // should be filtered out at handle unmarshal
    391. 

  391. 	    FAIL(FATAL_ERROR_INTERNAL);
    392. 

  392. 	    break;
    393. 

  393. 	}
    394. 

  394.     return TPM_RC_SUCCESS;
    395. 

  395. }
    396. 

  396. #endif // CC_FlushContext
    397. 

  397. #include "Tpm.h"
    398. 

  398. #include "EvictControl_fp.h"
    399. 

  399. #if CC_EvictControl  // Conditional expansion of this file
    400. 

  400. TPM_RC
    401. 

  401. TPM2_EvictControl(
    402. 

  402. 		  EvictControl_In     *in             // IN: input parameter list
    403. 

  403. 		  )
    404. 

  404. {
    405. 

  405.     TPM_RC      result;
    406. 

  406.     OBJECT      *evictObject;
    407. 

  407.     if (verbose) {
    408. 

  408. 	FILE *f = fopen("trace.txt", "a");
    409. 

  409. 	fprintf(f, "EvictControl: persistentHandle %08x\n", in->persistentHandle);
    410. 

  410. 	fprintf(f, "EvictControl: objectHandle %08x\n", in->objectHandle);
    411. 

  411. 	fclose(f);
    412. 

  412.     }
    413. 

  413.     // Input Validation
    414. 

  414.     // Get internal object pointer
    415. 

  415.     evictObject = HandleToObject(in->objectHandle);
    416. 

  416.     // Temporary, stClear or public only objects can not be made persistent
    417. 

  417.     if(evictObject->attributes.temporary == SET
    418. 

  418.        || evictObject->attributes.stClear == SET
    419. 

  419.        || evictObject->attributes.publicOnly == SET)
    420. 

  420. 	return TPM_RCS_ATTRIBUTES + RC_EvictControl_objectHandle;
    421. 

  421.     // If objectHandle refers to a persistent object, it should be the same as
    422. 

  422.     // input persistentHandle
    423. 

  423.     if(evictObject->attributes.evict == SET
    424. 

  424.        && evictObject->evictHandle != in->persistentHandle)
    425. 

  425. 	return TPM_RCS_HANDLE + RC_EvictControl_objectHandle;
    426. 

  426.     // Additional authorization validation
    427. 

  427.     if(in->auth == TPM_RH_PLATFORM)
    428. 

  428. 	{
    429. 

  429. 	    // To make persistent
    430. 

  430. 	    if(evictObject->attributes.evict == CLEAR)
    431. 

  431. 	        {
    432. 

  432. 	            // PlatformAuth can not set evict object in storage or endorsement
    433. 

  433. 	            // hierarchy
    434. 

  434. 	            if(evictObject->attributes.ppsHierarchy == CLEAR)
    435. 

  435. 	                return TPM_RCS_HIERARCHY + RC_EvictControl_objectHandle;
    436. 

  436. 	            // Platform cannot use a handle outside of platform persistent range.
    437. 

  437. 	            if(!NvIsPlatformPersistentHandle(in->persistentHandle))
    438. 

  438. 	                return TPM_RCS_RANGE + RC_EvictControl_persistentHandle;
    439. 

  439. 	        }
    440. 

  440. 	    // PlatformAuth can delete any persistent object
    441. 

  441. 	}
    442. 

  442.     else if(in->auth == TPM_RH_OWNER)
    443. 

  443. 	{
    444. 

  444. 	    // OwnerAuth can not set or clear evict object in platform hierarchy
    445. 

  445. 	    if(evictObject->attributes.ppsHierarchy == SET)
    446. 

  446. 		return TPM_RCS_HIERARCHY + RC_EvictControl_objectHandle;
    447. 

  447. 	    // Owner cannot use a handle outside of owner persistent range.
    448. 

  448. 	    if(evictObject->attributes.evict == CLEAR
    449. 

  449. 	       && !NvIsOwnerPersistentHandle(in->persistentHandle))
    450. 

  450. 		return TPM_RCS_RANGE + RC_EvictControl_persistentHandle;
    451. 

  451. 	}
    452. 

  452.     else
    453. 

  453. 	{
    454. 

  454. 	    // Other authorization is not allowed in this command and should have been
    455. 

  455. 	    // filtered out in unmarshal process
    456. 

  456. 	    FAIL(FATAL_ERROR_INTERNAL);
    457. 

  457. 	}
    458. 

  458.     // Internal Data Update
    459. 

  459.     // Change evict state
    460. 

  460.     if(evictObject->attributes.evict == CLEAR)
    461. 

  461. 	{
    462. 

  462. 	    // Make object persistent
    463. 

  463. 	    if(NvFindHandle(in->persistentHandle) != 0)
    464. 

  464. 		return TPM_RC_NV_DEFINED;
    465. 

  465. 	    // A TPM_RC_NV_HANDLE or TPM_RC_NV_SPACE error may be returned at this
    466. 

  466. 	    // point
    467. 

  467. 	    result = NvAddEvictObject(in->persistentHandle, evictObject);
    468. 

  468. 	}
    469. 

  469.     else
    470. 

  470. 	{
    471. 

  471. 	    // Delete the persistent object in NV
    472. 

  472. 	    result = NvDeleteEvict(evictObject->evictHandle);
    473. 

  473. 	}
    474. 

  474.     return result;
    475. 

  475. }
    476. 

  476. #endif // CC_EvictControl
    477.