// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014
#include "InternalRoutines.h"
#include "NV_Extend_fp.h"
#include "NV_spt_fp.h"
//
//
// Error Returns Meaning
//
// TPM_RC_ATTRIBUTES the TPMA_NV_EXTEND attribute is not SET in the Index referenced
// by nvIndex
// TPM_RC_NV_AUTHORIZATION the authorization was valid but the authorizing entity (authHandle) is
// not allowed to write to the Index referenced by nvIndex
// TPM_RC_NV_LOCKED the Index referenced by nvIndex is locked for writing
//
TPM_RC
TPM2_NV_Extend(
NV_Extend_In *in // IN: input parameter list
)
{
TPM_RC result;
NV_INDEX nvIndex;
TPM2B_DIGEST oldDigest;
TPM2B_DIGEST newDigest;
HASH_STATE hashState;
// Input Validation
// Common access checks, NvWriteAccessCheck() may return TPM_RC_NV_AUTHORIZATION
// or TPM_RC_NV_LOCKED
result = NvWriteAccessChecks(in->authHandle, in->nvIndex);
if(result != TPM_RC_SUCCESS)
return result;
// Get NV index info
NvGetIndexInfo(in->nvIndex, &nvIndex);
// Make sure that this is an extend index
if(nvIndex.publicArea.attributes.TPMA_NV_EXTEND != SET)
return TPM_RC_ATTRIBUTES + RC_NV_Extend_nvIndex;
// If the Index is not-orderly, or if this is the first write, NV will
// need to be updated.
if( nvIndex.publicArea.attributes.TPMA_NV_ORDERLY == CLEAR
|| nvIndex.publicArea.attributes.TPMA_NV_WRITTEN == CLEAR)
{
// Check if NV is available. NvIsAvailable may return TPM_RC_NV_UNAVAILABLE
// TPM_RC_NV_RATE or TPM_RC_SUCCESS.
result = NvIsAvailable();
if(result != TPM_RC_SUCCESS)
return result;
}
// Internal Data Update
// Perform the write.
oldDigest.t.size = CryptGetHashDigestSize(nvIndex.publicArea.nameAlg);
pAssert(oldDigest.t.size <= sizeof(oldDigest.t.buffer));
if(nvIndex.publicArea.attributes.TPMA_NV_WRITTEN == SET)
{
NvGetIndexData(in->nvIndex, &nvIndex, 0,
oldDigest.t.size, oldDigest.t.buffer);
}
else
{
MemorySet(oldDigest.t.buffer, 0, oldDigest.t.size);
}
// Start hash
newDigest.t.size = CryptStartHash(nvIndex.publicArea.nameAlg, &hashState);
// Adding old digest
CryptUpdateDigest2B(&hashState, &oldDigest.b);
// Adding new data
CryptUpdateDigest2B(&hashState, &in->data.b);
// Complete hash
CryptCompleteHash2B(&hashState, &newDigest.b);
// Write extended hash back.
// Note, this routine will SET the TPMA_NV_WRITTEN attribute if necessary
return NvWriteIndexData(in->nvIndex, &nvIndex, 0,
newDigest.t.size, newDigest.t.buffer);
}