// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 4: Supporting Routines
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014
#include "Tpm.h"
#include "InternalRoutines.h"
typedef UINT16 ATTRIBUTE_TYPE;
//
// The following file is produced from the command tables in part 3 of the specification. It defines the
// attributes for each of the commands.
//
// NOTE: This file is currently produced by an automated process. Files produced from Part 2 or Part 3 tables through
// automated processes are not included in the specification so that their is no ambiguity about the table
// containing the information being the normative definition.
//
#include "CommandAttributeData.c"
//
//
// Command Attribute Functions
//
// CommandAuthRole()
//
// This function returns the authorization role required of a handle.
//
// Return Value Meaning
//
// AUTH_NONE no authorization is required
// AUTH_USER user role authorization is required
// AUTH_ADMIN admin role authorization is required
// AUTH_DUP duplication role authorization is required
//
AUTH_ROLE
CommandAuthRole(
TPM_CC commandCode, // IN: command code
UINT32 handleIndex // IN: handle index (zero based)
)
{
if(handleIndex > 1)
return AUTH_NONE;
if(handleIndex == 0) {
ATTRIBUTE_TYPE properties = s_commandAttributes[commandCode - TPM_CC_FIRST];
if(properties & HANDLE_1_USER) return AUTH_USER;
if(properties & HANDLE_1_ADMIN) return AUTH_ADMIN;
if(properties & HANDLE_1_DUP) return AUTH_DUP;
return AUTH_NONE;
}
if(s_commandAttributes[commandCode - TPM_CC_FIRST] & HANDLE_2_USER)
return AUTH_USER;
return AUTH_NONE;
}
//
//
// CommandIsImplemented()
//
// This function indicates if a command is implemented.
//
// Return Value Meaning
//
// TRUE if the command is implemented
// FALSE if the command is not implemented
//
BOOL
CommandIsImplemented(
TPM_CC commandCode // IN: command code
)
{
if(commandCode < TPM_CC_FIRST || commandCode > TPM_CC_LAST)
return FALSE;
if((s_commandAttributes[commandCode - TPM_CC_FIRST] & IS_IMPLEMENTED))
return TRUE;
else
return FALSE;
}
//
//
// CommandGetAttribute()
//
// return a TPMA_CC structure for the given command code
//
TPMA_CC
CommandGetAttribute(
TPM_CC commandCode // IN: command code
)
{
UINT32 size = sizeof(s_ccAttr) / sizeof(s_ccAttr[0]);
UINT32 i;
for(i = 0; i < size; i++) {
if(s_ccAttr[i].commandIndex == (UINT16) commandCode)
return s_ccAttr[i];
}
// This function should be called in the way that the command code
// attribute is available.
FAIL(FATAL_ERROR_INTERNAL);
return s_ccAttr[0]; // Just to appease the compiler, never reached.
}
//
//
// EncryptSize()
//
// This function returns the size of the decrypt size field. This function returns 0 if encryption is not allowed
//
// Return Value Meaning
//
// 0 encryption not allowed
// 2 size field is two bytes
// 4 size field is four bytes
//
int
EncryptSize(
TPM_CC commandCode // IN: commandCode
)
{
COMMAND_ATTRIBUTES ca = s_commandAttributes[commandCode - TPM_CC_FIRST];
if(ca & ENCRYPT_2)
return 2;
if(ca & ENCRYPT_4)
return 4;
return 0;
}
//
//
// DecryptSize()
//
// This function returns the size of the decrypt size field. This function returns 0 if decryption is not allowed
//
// Return Value Meaning
//
// 0 encryption not allowed
// 2 size field is two bytes
// 4 size field is four bytes
//
int
DecryptSize(
TPM_CC commandCode // IN: commandCode
)
{
COMMAND_ATTRIBUTES ca = s_commandAttributes[commandCode - TPM_CC_FIRST];
if(ca & DECRYPT_2)
return 2;
if(ca & DECRYPT_4)
return 4;
return 0;
}
//
//
// IsSessionAllowed()
//
// This function indicates if the command is allowed to have sessions.
// This function must not be called if the command is not known to be implemented.
//
// Return Value Meaning
//
// TRUE session is allowed with this command
// FALSE session is not allowed with this command
//
BOOL
IsSessionAllowed(
TPM_CC commandCode // IN: the command to be checked
)
{
if(s_commandAttributes[commandCode - TPM_CC_FIRST] & NO_SESSIONS)
return FALSE;
else
return TRUE;
}
//
//
// IsHandleInResponse()
//
BOOL
IsHandleInResponse(
TPM_CC commandCode
)
{
if(s_commandAttributes[commandCode - TPM_CC_FIRST] & R_HANDLE)
return TRUE;
else
return FALSE;
//
}
//
//
// IsWriteOperation()
//
// Checks to see if an operation will write to NV memory
//
BOOL
IsWriteOperation(
TPM_CC command // IN: Command to check
)
{
switch (command)
{
case TPM_CC_NV_Write:
case TPM_CC_NV_Increment:
case TPM_CC_NV_SetBits:
case TPM_CC_NV_Extend:
// Nv write lock counts as a write operation for authorization purposes.
// We check to see if the NV is write locked before we do the authorization
// If it is locked, we fail the command early.
case TPM_CC_NV_WriteLock:
return TRUE;
default:
break;
}
return FALSE;
}
//
//
// IsReadOperation()
//
// Checks to see if an operation will write to NV memory
//
BOOL
IsReadOperation(
TPM_CC command // IN: Command to check
)
{
switch (command)
{
case TPM_CC_NV_Read:
case TPM_CC_PolicyNV:
case TPM_CC_NV_Certify:
// Nv read lock counts as a read operation for authorization purposes.
// We check to see if the NV is read locked before we do the authorization
// If it is locked, we fail the command early.
case TPM_CC_NV_ReadLock:
return TRUE;
default:
break;
}
return FALSE;
}
//
//
// CommandCapGetCCList()
//
// This function returns a list of implemented commands and command attributes starting from the
// command in commandCode.
//
//
//
//
// Return Value Meaning
//
// YES more command attributes are available
// NO no more command attributes are available
//
TPMI_YES_NO
CommandCapGetCCList(
TPM_CC commandCode, // IN: start command code
UINT32 count, // IN: maximum count for number of entries in
// 'commandList'
TPML_CCA *commandList // OUT: list of TPMA_CC
)
{
TPMI_YES_NO more = NO;
UINT32 i;
// initialize output handle list count
commandList->count = 0;
// The maximum count of commands that may be return is MAX_CAP_CC.
if(count > MAX_CAP_CC) count = MAX_CAP_CC;
// If the command code is smaller than TPM_CC_FIRST, start from TPM_CC_FIRST
if(commandCode < TPM_CC_FIRST) commandCode = TPM_CC_FIRST;
// Collect command attributes
for(i = commandCode; i <= TPM_CC_LAST; i++)
{
if(CommandIsImplemented(i))
{
if(commandList->count < count)
{
// If the list is not full, add the attributes for this command.
commandList->commandAttributes[commandList->count]
= CommandGetAttribute(i);
commandList->count++;
}
else
{
// If the list is full but there are more commands to report,
// indicate this and return.
more = YES;
break;
}
}
}
return more;
}