C++程序  |  292行  |  8.49 KB

// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 4: Supporting Routines
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include    "Tpm.h"
#include    "InternalRoutines.h"
typedef UINT16          ATTRIBUTE_TYPE;
//
//     The following file is produced from the command tables in part 3 of the specification. It defines the
//     attributes for each of the commands.
//
//     NOTE:           This file is currently produced by an automated process. Files produced from Part 2 or Part 3 tables through
//                     automated processes are not included in the specification so that their is no ambiguity about the table
//                     containing the information being the normative definition.
//
#include       "CommandAttributeData.c"
//
//
//          Command Attribute Functions
//
//          CommandAuthRole()
//
//     This function returns the authorization role required of a handle.
//
//     Return Value                       Meaning
//
//     AUTH_NONE                          no authorization is required
//     AUTH_USER                          user role authorization is required
//     AUTH_ADMIN                         admin role authorization is required
//     AUTH_DUP                           duplication role authorization is required
//
AUTH_ROLE
CommandAuthRole(
     TPM_CC        commandCode,                 // IN: command code
     UINT32        handleIndex                  // IN: handle index (zero based)
     )
{
   if(handleIndex > 1)
       return AUTH_NONE;
   if(handleIndex == 0) {
       ATTRIBUTE_TYPE properties = s_commandAttributes[commandCode - TPM_CC_FIRST];
       if(properties & HANDLE_1_USER) return AUTH_USER;
       if(properties & HANDLE_1_ADMIN) return AUTH_ADMIN;
       if(properties & HANDLE_1_DUP) return AUTH_DUP;
       return AUTH_NONE;
   }
   if(s_commandAttributes[commandCode - TPM_CC_FIRST] & HANDLE_2_USER)
           return AUTH_USER;
   return AUTH_NONE;
}
//
//
//          CommandIsImplemented()
//
//     This function indicates if a command is implemented.
//
//     Return Value                      Meaning
//
//     TRUE                              if the command is implemented
//     FALSE                             if the command is not implemented
//
BOOL
CommandIsImplemented(
    TPM_CC                commandCode          // IN: command code
    )
{
    if(commandCode < TPM_CC_FIRST || commandCode > TPM_CC_LAST)
        return FALSE;
    if((s_commandAttributes[commandCode - TPM_CC_FIRST] & IS_IMPLEMENTED))
        return TRUE;
    else
        return FALSE;
}
//
//
//          CommandGetAttribute()
//
//     return a TPMA_CC structure for the given command code
//
TPMA_CC
CommandGetAttribute(
    TPM_CC                commandCode          // IN: command code
    )
{
    UINT32      size = sizeof(s_ccAttr) / sizeof(s_ccAttr[0]);
    UINT32      i;
    for(i = 0; i < size; i++) {
        if(s_ccAttr[i].commandIndex == (UINT16) commandCode)
            return s_ccAttr[i];
    }
    // This function should be called in the way that the command code
    // attribute is available.
    FAIL(FATAL_ERROR_INTERNAL);

    return s_ccAttr[0]; // Just to appease the compiler, never reached.
}
//
//
//          EncryptSize()
//
//     This function returns the size of the decrypt size field. This function returns 0 if encryption is not allowed
//
//     Return Value                      Meaning
//
//     0                                 encryption not allowed
//     2                                 size field is two bytes
//     4                                 size field is four bytes
//
int
EncryptSize(
    TPM_CC                commandCode          // IN: commandCode
    )
{
    COMMAND_ATTRIBUTES        ca = s_commandAttributes[commandCode - TPM_CC_FIRST];
    if(ca & ENCRYPT_2)
        return 2;
    if(ca & ENCRYPT_4)
        return 4;
    return 0;
}
//
//
//          DecryptSize()
//
//     This function returns the size of the decrypt size field. This function returns 0 if decryption is not allowed
//
//     Return Value                      Meaning
//
//     0                                 encryption not allowed
//     2                                 size field is two bytes
//     4                                 size field is four bytes
//
int
DecryptSize(
    TPM_CC                commandCode          // IN: commandCode
    )
{
    COMMAND_ATTRIBUTES        ca = s_commandAttributes[commandCode - TPM_CC_FIRST];
    if(ca & DECRYPT_2)
        return 2;
    if(ca & DECRYPT_4)
        return 4;
    return 0;
}
//
//
//          IsSessionAllowed()
//
//     This function indicates if the command is allowed to have sessions.
//     This function must not be called if the command is not known to be implemented.
//
//     Return Value                      Meaning
//
//     TRUE                              session is allowed with this command
//     FALSE                             session is not allowed with this command
//
BOOL
IsSessionAllowed(
    TPM_CC                commandCode          // IN: the command to be checked
    )
{
    if(s_commandAttributes[commandCode - TPM_CC_FIRST] & NO_SESSIONS)
        return FALSE;
    else
        return TRUE;
}
//
//
//          IsHandleInResponse()
//
BOOL
IsHandleInResponse(
    TPM_CC                commandCode
    )
{
    if(s_commandAttributes[commandCode - TPM_CC_FIRST] & R_HANDLE)
        return TRUE;
    else
        return FALSE;
//
}
//
//
//           IsWriteOperation()
//
//      Checks to see if an operation will write to NV memory
//
BOOL
IsWriteOperation(
   TPM_CC               command           // IN: Command to check
   )
{
   switch (command)
   {
       case TPM_CC_NV_Write:
       case TPM_CC_NV_Increment:
       case TPM_CC_NV_SetBits:
       case TPM_CC_NV_Extend:
       // Nv write lock counts as a write operation for authorization purposes.
       // We check to see if the NV is write locked before we do the authorization
       // If it is locked, we fail the command early.
       case TPM_CC_NV_WriteLock:
           return TRUE;
       default:
           break;
   }
   return FALSE;
}
//
//
//           IsReadOperation()
//
//      Checks to see if an operation will write to NV memory
//
BOOL
IsReadOperation(
   TPM_CC               command           // IN: Command to check
   )
{
   switch (command)
   {
       case TPM_CC_NV_Read:
       case TPM_CC_PolicyNV:
       case TPM_CC_NV_Certify:
       // Nv read lock counts as a read operation for authorization purposes.
       // We check to see if the NV is read locked before we do the authorization
       // If it is locked, we fail the command early.
       case TPM_CC_NV_ReadLock:
           return TRUE;
       default:
           break;
   }
   return FALSE;
}
//
//
//          CommandCapGetCCList()
//
//      This function returns a list of implemented commands and command attributes starting from the
//      command in commandCode.
//
//
//
//
//      Return Value                      Meaning
//
//      YES                               more command attributes are available
//      NO                                no more command attributes are available
//
TPMI_YES_NO
CommandCapGetCCList(
     TPM_CC            commandCode,         // IN: start command code
     UINT32            count,               // IN: maximum count for number of entries in
                                            //     'commandList'
     TPML_CCA         *commandList          // OUT: list of TPMA_CC
     )
{
     TPMI_YES_NO       more = NO;
     UINT32            i;
     // initialize output handle list count
     commandList->count = 0;
     // The maximum count of commands that may be return is MAX_CAP_CC.
     if(count > MAX_CAP_CC) count = MAX_CAP_CC;
     // If the command code is smaller than TPM_CC_FIRST, start from TPM_CC_FIRST
     if(commandCode < TPM_CC_FIRST) commandCode = TPM_CC_FIRST;
     // Collect command attributes
     for(i = commandCode; i <= TPM_CC_LAST; i++)
     {
         if(CommandIsImplemented(i))
         {
             if(commandList->count < count)
             {
                 // If the list is not full, add the attributes for this command.
                 commandList->commandAttributes[commandList->count]
                     = CommandGetAttribute(i);
                 commandList->count++;
             }
             else
             {
                 // If the list is full but there are more commands to report,
                 // indicate this and return.
                 more = YES;
                 break;
             }
         }
     }
     return more;
}