C++程序  |  91行  |  2.87 KB

// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "NV_Extend_fp.h"
#include "NV_spt_fp.h"
//
//
//     Error Returns               Meaning
//
//     TPM_RC_ATTRIBUTES           the TPMA_NV_EXTEND attribute is not SET in the Index referenced
//                                 by nvIndex
//     TPM_RC_NV_AUTHORIZATION     the authorization was valid but the authorizing entity (authHandle) is
//                                 not allowed to write to the Index referenced by nvIndex
//     TPM_RC_NV_LOCKED            the Index referenced by nvIndex is locked for writing
//
TPM_RC
TPM2_NV_Extend(
   NV_Extend_In      *in            // IN: input parameter list
   )
{
   TPM_RC                  result;
   NV_INDEX                nvIndex;

   TPM2B_DIGEST            oldDigest;
   TPM2B_DIGEST            newDigest;
   HASH_STATE              hashState;

// Input Validation

   // Common access checks, NvWriteAccessCheck() may return TPM_RC_NV_AUTHORIZATION
   // or TPM_RC_NV_LOCKED
   result = NvWriteAccessChecks(in->authHandle, in->nvIndex);
   if(result != TPM_RC_SUCCESS)
       return result;

   // Get NV index info
   NvGetIndexInfo(in->nvIndex, &nvIndex);

   // Make sure that this is an extend index
   if(nvIndex.publicArea.attributes.TPMA_NV_EXTEND != SET)
       return TPM_RC_ATTRIBUTES + RC_NV_Extend_nvIndex;

   // If the Index is not-orderly, or if this is the first write, NV will
   // need to be updated.
   if(   nvIndex.publicArea.attributes.TPMA_NV_ORDERLY == CLEAR
      || nvIndex.publicArea.attributes.TPMA_NV_WRITTEN == CLEAR)
   {
       // Check if NV is available. NvIsAvailable may return TPM_RC_NV_UNAVAILABLE
       // TPM_RC_NV_RATE or TPM_RC_SUCCESS.
       result = NvIsAvailable();
       if(result != TPM_RC_SUCCESS)
           return result;
   }

// Internal Data Update

   // Perform the write.
   oldDigest.t.size = CryptGetHashDigestSize(nvIndex.publicArea.nameAlg);
   pAssert(oldDigest.t.size <= sizeof(oldDigest.t.buffer));
   if(nvIndex.publicArea.attributes.TPMA_NV_WRITTEN == SET)
   {
       NvGetIndexData(in->nvIndex, &nvIndex, 0,
                      oldDigest.t.size, oldDigest.t.buffer);
   }
   else
   {
       MemorySet(oldDigest.t.buffer, 0, oldDigest.t.size);
   }
   // Start hash
   newDigest.t.size = CryptStartHash(nvIndex.publicArea.nameAlg, &hashState);

   // Adding old digest
   CryptUpdateDigest2B(&hashState, &oldDigest.b);

   // Adding new data
   CryptUpdateDigest2B(&hashState, &in->data.b);

   // Complete hash
   CryptCompleteHash2B(&hashState, &newDigest.b);

   // Write extended hash back.
   // Note, this routine will SET the TPMA_NV_WRITTEN attribute if necessary
   return NvWriteIndexData(in->nvIndex, &nvIndex, 0,
                           newDigest.t.size, newDigest.t.buffer);
}