2 Implement TPM2 Integrity related command.
4 Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15 #include <IndustryStandard/UefiTcgPlatform.h>
16 #include <Library/Tpm2CommandLib.h>
17 #include <Library/Tpm2DeviceLib.h>
18 #include <Library/BaseMemoryLib.h>
19 #include <Library/BaseLib.h>
20 #include <Library/DebugLib.h>
25 TPM2_COMMAND_HEADER Header
;
26 TPMI_DH_PCR PcrHandle
;
27 UINT32 AuthorizationSize
;
28 TPMS_AUTH_COMMAND AuthSessionPcr
;
29 TPML_DIGEST_VALUES DigestValues
;
30 } TPM2_PCR_EXTEND_COMMAND
;
33 TPM2_RESPONSE_HEADER Header
;
35 TPMS_AUTH_RESPONSE AuthSessionPcr
;
36 } TPM2_PCR_EXTEND_RESPONSE
;
39 TPM2_COMMAND_HEADER Header
;
40 TPMI_DH_PCR PcrHandle
;
41 UINT32 AuthorizationSize
;
42 TPMS_AUTH_COMMAND AuthSessionPcr
;
43 TPM2B_EVENT EventData
;
44 } TPM2_PCR_EVENT_COMMAND
;
47 TPM2_RESPONSE_HEADER Header
;
49 TPML_DIGEST_VALUES Digests
;
50 TPMS_AUTH_RESPONSE AuthSessionPcr
;
51 } TPM2_PCR_EVENT_RESPONSE
;
54 TPM2_COMMAND_HEADER Header
;
55 TPML_PCR_SELECTION PcrSelectionIn
;
56 } TPM2_PCR_READ_COMMAND
;
59 TPM2_RESPONSE_HEADER Header
;
60 UINT32 PcrUpdateCounter
;
61 TPML_PCR_SELECTION PcrSelectionOut
;
62 TPML_DIGEST PcrValues
;
63 } TPM2_PCR_READ_RESPONSE
;
66 TPM2_COMMAND_HEADER Header
;
67 TPMI_RH_PLATFORM AuthHandle
;
68 UINT32 AuthSessionSize
;
69 TPMS_AUTH_COMMAND AuthSession
;
70 TPML_PCR_SELECTION PcrAllocation
;
71 } TPM2_PCR_ALLOCATE_COMMAND
;
74 TPM2_RESPONSE_HEADER Header
;
75 UINT32 AuthSessionSize
;
76 TPMI_YES_NO AllocationSuccess
;
80 TPMS_AUTH_RESPONSE AuthSession
;
81 } TPM2_PCR_ALLOCATE_RESPONSE
;
86 This command is used to cause an update to the indicated PCR.
87 The digests parameter contains one or more tagged digest value identified by an algorithm ID.
88 For each digest, the PCR associated with pcrHandle is Extended into the bank identified by the tag (hashAlg).
90 @param[in] PcrHandle Handle of the PCR
91 @param[in] Digests List of tagged digest values to be extended
93 @retval EFI_SUCCESS Operation completed successfully.
94 @retval EFI_DEVICE_ERROR Unexpected device behavior.
99 IN TPMI_DH_PCR PcrHandle
,
100 IN TPML_DIGEST_VALUES
*Digests
104 TPM2_PCR_EXTEND_COMMAND Cmd
;
105 TPM2_PCR_EXTEND_RESPONSE Res
;
108 UINT32 ResultBufSize
;
111 UINT32 SessionInfoSize
;
114 Cmd
.Header
.tag
= SwapBytes16(TPM_ST_SESSIONS
);
115 Cmd
.Header
.commandCode
= SwapBytes32(TPM_CC_PCR_Extend
);
116 Cmd
.PcrHandle
= SwapBytes32(PcrHandle
);
120 // Add in Auth session
122 Buffer
= (UINT8
*)&Cmd
.AuthSessionPcr
;
125 SessionInfoSize
= CopyAuthSessionCommand (NULL
, Buffer
);
126 Buffer
+= SessionInfoSize
;
127 Cmd
.AuthorizationSize
= SwapBytes32(SessionInfoSize
);
130 WriteUnaligned32 ((UINT32
*)Buffer
, SwapBytes32(Digests
->count
));
131 Buffer
+= sizeof(UINT32
);
134 for (Index
= 0; Index
< Digests
->count
; Index
++) {
135 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16(Digests
->digests
[Index
].hashAlg
));
136 Buffer
+= sizeof(UINT16
);
137 DigestSize
= GetHashSizeFromAlgo (Digests
->digests
[Index
].hashAlg
);
138 if (DigestSize
== 0) {
139 DEBUG ((EFI_D_ERROR
, "Unknown hash algorithm %d\r\n", Digests
->digests
[Index
].hashAlg
));
140 return EFI_DEVICE_ERROR
;
144 &Digests
->digests
[Index
].digest
,
147 Buffer
+= DigestSize
;
150 CmdSize
= (UINT32
)((UINTN
)Buffer
- (UINTN
)&Cmd
);
151 Cmd
.Header
.paramSize
= SwapBytes32(CmdSize
);
153 ResultBufSize
= sizeof(Res
);
154 Status
= Tpm2SubmitCommand (CmdSize
, (UINT8
*)&Cmd
, &ResultBufSize
, (UINT8
*)&Res
);
155 if (EFI_ERROR(Status
)) {
159 if (ResultBufSize
> sizeof(Res
)) {
160 DEBUG ((EFI_D_ERROR
, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer Too Small\r\n"));
161 return EFI_BUFFER_TOO_SMALL
;
165 // Validate response headers
167 RespSize
= SwapBytes32(Res
.Header
.paramSize
);
168 if (RespSize
> sizeof(Res
)) {
169 DEBUG ((EFI_D_ERROR
, "Tpm2PcrExtend: Response size too large! %d\r\n", RespSize
));
170 return EFI_BUFFER_TOO_SMALL
;
174 // Fail if command failed
176 if (SwapBytes32(Res
.Header
.responseCode
) != TPM_RC_SUCCESS
) {
177 DEBUG ((EFI_D_ERROR
, "Tpm2PcrExtend: Response Code error! 0x%08x\r\n", SwapBytes32(Res
.Header
.responseCode
)));
178 return EFI_DEVICE_ERROR
;
182 // Unmarshal the response
191 This command is used to cause an update to the indicated PCR.
192 The data in eventData is hashed using the hash algorithm associated with each bank in which the
193 indicated PCR has been allocated. After the data is hashed, the digests list is returned. If the pcrHandle
194 references an implemented PCR and not TPM_ALG_NULL, digests list is processed as in
196 A TPM shall support an Event.size of zero through 1,024 inclusive.
198 @param[in] PcrHandle Handle of the PCR
199 @param[in] EventData Event data in sized buffer
200 @param[out] Digests List of digest
202 @retval EFI_SUCCESS Operation completed successfully.
203 @retval EFI_DEVICE_ERROR Unexpected device behavior.
208 IN TPMI_DH_PCR PcrHandle
,
209 IN TPM2B_EVENT
*EventData
,
210 OUT TPML_DIGEST_VALUES
*Digests
214 TPM2_PCR_EVENT_COMMAND Cmd
;
215 TPM2_PCR_EVENT_RESPONSE Res
;
218 UINT32 ResultBufSize
;
221 UINT32 SessionInfoSize
;
224 Cmd
.Header
.tag
= SwapBytes16(TPM_ST_SESSIONS
);
225 Cmd
.Header
.commandCode
= SwapBytes32(TPM_CC_PCR_Event
);
226 Cmd
.PcrHandle
= SwapBytes32(PcrHandle
);
229 // Add in Auth session
231 Buffer
= (UINT8
*)&Cmd
.AuthSessionPcr
;
234 SessionInfoSize
= CopyAuthSessionCommand (NULL
, Buffer
);
235 Buffer
+= SessionInfoSize
;
236 Cmd
.AuthorizationSize
= SwapBytes32(SessionInfoSize
);
239 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16(EventData
->size
));
240 Buffer
+= sizeof(UINT16
);
242 CopyMem (Buffer
, EventData
->buffer
, EventData
->size
);
243 Buffer
+= EventData
->size
;
245 CmdSize
= (UINT32
)((UINTN
)Buffer
- (UINTN
)&Cmd
);
246 Cmd
.Header
.paramSize
= SwapBytes32(CmdSize
);
248 ResultBufSize
= sizeof(Res
);
249 Status
= Tpm2SubmitCommand (CmdSize
, (UINT8
*)&Cmd
, &ResultBufSize
, (UINT8
*)&Res
);
250 if (EFI_ERROR(Status
)) {
254 if (ResultBufSize
> sizeof(Res
)) {
255 DEBUG ((EFI_D_ERROR
, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer Too Small\r\n"));
256 return EFI_BUFFER_TOO_SMALL
;
260 // Validate response headers
262 RespSize
= SwapBytes32(Res
.Header
.paramSize
);
263 if (RespSize
> sizeof(Res
)) {
264 DEBUG ((EFI_D_ERROR
, "Tpm2PcrEvent: Response size too large! %d\r\n", RespSize
));
265 return EFI_BUFFER_TOO_SMALL
;
269 // Fail if command failed
271 if (SwapBytes32(Res
.Header
.responseCode
) != TPM_RC_SUCCESS
) {
272 DEBUG ((EFI_D_ERROR
, "Tpm2PcrEvent: Response Code error! 0x%08x\r\n", SwapBytes32(Res
.Header
.responseCode
)));
273 return EFI_DEVICE_ERROR
;
277 // Unmarshal the response
279 Buffer
= (UINT8
*)&Res
.Digests
;
281 Digests
->count
= SwapBytes32 (ReadUnaligned32 ((UINT32
*)Buffer
));
282 if (Digests
->count
> HASH_COUNT
) {
283 DEBUG ((DEBUG_ERROR
, "Tpm2PcrEvent - Digests->count error %x\n", Digests
->count
));
284 return EFI_DEVICE_ERROR
;
287 Buffer
+= sizeof(UINT32
);
288 for (Index
= 0; Index
< Digests
->count
; Index
++) {
289 Digests
->digests
[Index
].hashAlg
= SwapBytes16 (ReadUnaligned16 ((UINT16
*)Buffer
));
290 Buffer
+= sizeof(UINT16
);
291 DigestSize
= GetHashSizeFromAlgo (Digests
->digests
[Index
].hashAlg
);
292 if (DigestSize
== 0) {
293 DEBUG ((EFI_D_ERROR
, "Unknown hash algorithm %d\r\n", Digests
->digests
[Index
].hashAlg
));
294 return EFI_DEVICE_ERROR
;
297 &Digests
->digests
[Index
].digest
,
301 Buffer
+= DigestSize
;
308 This command returns the values of all PCR specified in pcrSelect.
310 @param[in] PcrSelectionIn The selection of PCR to read.
311 @param[out] PcrUpdateCounter The current value of the PCR update counter.
312 @param[out] PcrSelectionOut The PCR in the returned list.
313 @param[out] PcrValues The contents of the PCR indicated in pcrSelect.
315 @retval EFI_SUCCESS Operation completed successfully.
316 @retval EFI_DEVICE_ERROR The command was unsuccessful.
321 IN TPML_PCR_SELECTION
*PcrSelectionIn
,
322 OUT UINT32
*PcrUpdateCounter
,
323 OUT TPML_PCR_SELECTION
*PcrSelectionOut
,
324 OUT TPML_DIGEST
*PcrValues
328 TPM2_PCR_READ_COMMAND SendBuffer
;
329 TPM2_PCR_READ_RESPONSE RecvBuffer
;
330 UINT32 SendBufferSize
;
331 UINT32 RecvBufferSize
;
333 TPML_DIGEST
*PcrValuesOut
;
334 TPM2B_DIGEST
*Digests
;
339 SendBuffer
.Header
.tag
= SwapBytes16(TPM_ST_NO_SESSIONS
);
340 SendBuffer
.Header
.commandCode
= SwapBytes32(TPM_CC_PCR_Read
);
342 SendBuffer
.PcrSelectionIn
.count
= SwapBytes32(PcrSelectionIn
->count
);
343 for (Index
= 0; Index
< PcrSelectionIn
->count
; Index
++) {
344 SendBuffer
.PcrSelectionIn
.pcrSelections
[Index
].hash
= SwapBytes16(PcrSelectionIn
->pcrSelections
[Index
].hash
);
345 SendBuffer
.PcrSelectionIn
.pcrSelections
[Index
].sizeofSelect
= PcrSelectionIn
->pcrSelections
[Index
].sizeofSelect
;
346 CopyMem (&SendBuffer
.PcrSelectionIn
.pcrSelections
[Index
].pcrSelect
, &PcrSelectionIn
->pcrSelections
[Index
].pcrSelect
, SendBuffer
.PcrSelectionIn
.pcrSelections
[Index
].sizeofSelect
);
349 SendBufferSize
= sizeof(SendBuffer
.Header
) + sizeof(SendBuffer
.PcrSelectionIn
.count
) + sizeof(SendBuffer
.PcrSelectionIn
.pcrSelections
[0]) * PcrSelectionIn
->count
;
350 SendBuffer
.Header
.paramSize
= SwapBytes32 (SendBufferSize
);
355 RecvBufferSize
= sizeof (RecvBuffer
);
356 Status
= Tpm2SubmitCommand (SendBufferSize
, (UINT8
*)&SendBuffer
, &RecvBufferSize
, (UINT8
*)&RecvBuffer
);
357 if (EFI_ERROR (Status
)) {
361 if (RecvBufferSize
< sizeof (TPM2_RESPONSE_HEADER
)) {
362 DEBUG ((EFI_D_ERROR
, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize
));
363 return EFI_DEVICE_ERROR
;
365 if (SwapBytes32(RecvBuffer
.Header
.responseCode
) != TPM_RC_SUCCESS
) {
366 DEBUG ((EFI_D_ERROR
, "Tpm2PcrRead - responseCode - %x\n", SwapBytes32(RecvBuffer
.Header
.responseCode
)));
367 return EFI_NOT_FOUND
;
371 // Return the response
377 if (RecvBufferSize
< sizeof (TPM2_RESPONSE_HEADER
) + sizeof(RecvBuffer
.PcrUpdateCounter
)) {
378 DEBUG ((EFI_D_ERROR
, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize
));
379 return EFI_DEVICE_ERROR
;
381 *PcrUpdateCounter
= SwapBytes32(RecvBuffer
.PcrUpdateCounter
);
386 if (RecvBufferSize
< sizeof (TPM2_RESPONSE_HEADER
) + sizeof(RecvBuffer
.PcrUpdateCounter
) + sizeof(RecvBuffer
.PcrSelectionOut
.count
)) {
387 DEBUG ((EFI_D_ERROR
, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize
));
388 return EFI_DEVICE_ERROR
;
390 PcrSelectionOut
->count
= SwapBytes32(RecvBuffer
.PcrSelectionOut
.count
);
391 if (PcrSelectionOut
->count
> HASH_COUNT
) {
392 DEBUG ((DEBUG_ERROR
, "Tpm2PcrRead - PcrSelectionOut->count error %x\n", PcrSelectionOut
->count
));
393 return EFI_DEVICE_ERROR
;
396 if (RecvBufferSize
< sizeof (TPM2_RESPONSE_HEADER
) + sizeof(RecvBuffer
.PcrUpdateCounter
) + sizeof(RecvBuffer
.PcrSelectionOut
.count
) + sizeof(RecvBuffer
.PcrSelectionOut
.pcrSelections
[0]) * PcrSelectionOut
->count
) {
397 DEBUG ((EFI_D_ERROR
, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize
));
398 return EFI_DEVICE_ERROR
;
400 for (Index
= 0; Index
< PcrSelectionOut
->count
; Index
++) {
401 PcrSelectionOut
->pcrSelections
[Index
].hash
= SwapBytes16(RecvBuffer
.PcrSelectionOut
.pcrSelections
[Index
].hash
);
402 PcrSelectionOut
->pcrSelections
[Index
].sizeofSelect
= RecvBuffer
.PcrSelectionOut
.pcrSelections
[Index
].sizeofSelect
;
403 if (PcrSelectionOut
->pcrSelections
[Index
].sizeofSelect
> PCR_SELECT_MAX
) {
404 return EFI_DEVICE_ERROR
;
406 CopyMem (&PcrSelectionOut
->pcrSelections
[Index
].pcrSelect
, &RecvBuffer
.PcrSelectionOut
.pcrSelections
[Index
].pcrSelect
, PcrSelectionOut
->pcrSelections
[Index
].sizeofSelect
);
412 PcrValuesOut
= (TPML_DIGEST
*)((UINT8
*)&RecvBuffer
+ sizeof (TPM2_RESPONSE_HEADER
) + sizeof(RecvBuffer
.PcrUpdateCounter
) + sizeof(RecvBuffer
.PcrSelectionOut
.count
) + sizeof(RecvBuffer
.PcrSelectionOut
.pcrSelections
[0]) * PcrSelectionOut
->count
);
413 PcrValues
->count
= SwapBytes32(PcrValuesOut
->count
);
415 // The number of digests in list is not greater than 8 per TPML_DIGEST definition
417 if (PcrValues
->count
> 8) {
418 DEBUG ((DEBUG_ERROR
, "Tpm2PcrRead - PcrValues->count error %x\n", PcrValues
->count
));
419 return EFI_DEVICE_ERROR
;
421 Digests
= PcrValuesOut
->digests
;
422 for (Index
= 0; Index
< PcrValues
->count
; Index
++) {
423 PcrValues
->digests
[Index
].size
= SwapBytes16(Digests
->size
);
424 if (PcrValues
->digests
[Index
].size
> sizeof(TPMU_HA
)) {
425 DEBUG ((DEBUG_ERROR
, "Tpm2PcrRead - Digest.size error %x\n", PcrValues
->digests
[Index
].size
));
426 return EFI_DEVICE_ERROR
;
428 CopyMem (&PcrValues
->digests
[Index
].buffer
, &Digests
->buffer
, PcrValues
->digests
[Index
].size
);
429 Digests
= (TPM2B_DIGEST
*)((UINT8
*)Digests
+ sizeof(Digests
->size
) + PcrValues
->digests
[Index
].size
);
436 This command is used to set the desired PCR allocation of PCR and algorithms.
438 @param[in] AuthHandle TPM_RH_PLATFORM+{PP}
439 @param[in] AuthSession Auth Session context
440 @param[in] PcrAllocation The requested allocation
441 @param[out] AllocationSuccess YES if the allocation succeeded
442 @param[out] MaxPCR maximum number of PCR that may be in a bank
443 @param[out] SizeNeeded number of octets required to satisfy the request
444 @param[out] SizeAvailable Number of octets available. Computed before the allocation
446 @retval EFI_SUCCESS Operation completed successfully.
447 @retval EFI_DEVICE_ERROR The command was unsuccessful.
452 IN TPMI_RH_PLATFORM AuthHandle
,
453 IN TPMS_AUTH_COMMAND
*AuthSession
,
454 IN TPML_PCR_SELECTION
*PcrAllocation
,
455 OUT TPMI_YES_NO
*AllocationSuccess
,
457 OUT UINT32
*SizeNeeded
,
458 OUT UINT32
*SizeAvailable
462 TPM2_PCR_ALLOCATE_COMMAND Cmd
;
463 TPM2_PCR_ALLOCATE_RESPONSE Res
;
467 UINT32 SessionInfoSize
;
469 UINT32 ResultBufSize
;
475 Cmd
.Header
.tag
= SwapBytes16(TPM_ST_SESSIONS
);
476 Cmd
.Header
.paramSize
= SwapBytes32(sizeof(Cmd
));
477 Cmd
.Header
.commandCode
= SwapBytes32(TPM_CC_PCR_Allocate
);
478 Cmd
.AuthHandle
= SwapBytes32(AuthHandle
);
481 // Add in Auth session
483 Buffer
= (UINT8
*)&Cmd
.AuthSession
;
486 SessionInfoSize
= CopyAuthSessionCommand (AuthSession
, Buffer
);
487 Buffer
+= SessionInfoSize
;
488 Cmd
.AuthSessionSize
= SwapBytes32(SessionInfoSize
);
491 WriteUnaligned32 ((UINT32
*)Buffer
, SwapBytes32(PcrAllocation
->count
));
492 Buffer
+= sizeof(UINT32
);
493 for (Index
= 0; Index
< PcrAllocation
->count
; Index
++) {
494 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16(PcrAllocation
->pcrSelections
[Index
].hash
));
495 Buffer
+= sizeof(UINT16
);
496 *(UINT8
*)Buffer
= PcrAllocation
->pcrSelections
[Index
].sizeofSelect
;
498 CopyMem (Buffer
, PcrAllocation
->pcrSelections
[Index
].pcrSelect
, PcrAllocation
->pcrSelections
[Index
].sizeofSelect
);
499 Buffer
+= PcrAllocation
->pcrSelections
[Index
].sizeofSelect
;
502 CmdSize
= (UINT32
)(Buffer
- (UINT8
*)&Cmd
);
503 Cmd
.Header
.paramSize
= SwapBytes32(CmdSize
);
505 ResultBuf
= (UINT8
*) &Res
;
506 ResultBufSize
= sizeof(Res
);
511 Status
= Tpm2SubmitCommand (
517 if (EFI_ERROR(Status
)) {
521 if (ResultBufSize
> sizeof(Res
)) {
522 DEBUG ((EFI_D_ERROR
, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer Too Small\r\n"));
523 Status
= EFI_BUFFER_TOO_SMALL
;
528 // Validate response headers
530 RespSize
= SwapBytes32(Res
.Header
.paramSize
);
531 if (RespSize
> sizeof(Res
)) {
532 DEBUG ((EFI_D_ERROR
, "Tpm2PcrAllocate: Response size too large! %d\r\n", RespSize
));
533 Status
= EFI_BUFFER_TOO_SMALL
;
538 // Fail if command failed
540 if (SwapBytes32(Res
.Header
.responseCode
) != TPM_RC_SUCCESS
) {
541 DEBUG((EFI_D_ERROR
,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n", SwapBytes32(Res
.Header
.responseCode
)));
542 Status
= EFI_DEVICE_ERROR
;
547 // Return the response
549 *AllocationSuccess
= Res
.AllocationSuccess
;
550 *MaxPCR
= SwapBytes32(Res
.MaxPCR
);
551 *SizeNeeded
= SwapBytes32(Res
.SizeNeeded
);
552 *SizeAvailable
= SwapBytes32(Res
.SizeAvailable
);
556 // Clear AuthSession Content
558 ZeroMem (&Cmd
, sizeof(Cmd
));
559 ZeroMem (&Res
, sizeof(Res
));
566 @param[in] PlatformAuth platform auth value. NULL means no platform auth change.
567 @param[in] SupportedPCRBanks Supported PCR banks
568 @param[in] PCRBanks PCR banks
570 @retval EFI_SUCCESS Operation completed successfully.
574 Tpm2PcrAllocateBanks (
575 IN TPM2B_AUTH
*PlatformAuth
, OPTIONAL
576 IN UINT32 SupportedPCRBanks
,
581 TPMS_AUTH_COMMAND
*AuthSession
;
582 TPMS_AUTH_COMMAND LocalAuthSession
;
583 TPML_PCR_SELECTION PcrAllocation
;
584 TPMI_YES_NO AllocationSuccess
;
587 UINT32 SizeAvailable
;
589 if (PlatformAuth
== NULL
) {
592 AuthSession
= &LocalAuthSession
;
593 ZeroMem (&LocalAuthSession
, sizeof(LocalAuthSession
));
594 LocalAuthSession
.sessionHandle
= TPM_RS_PW
;
595 LocalAuthSession
.hmac
.size
= PlatformAuth
->size
;
596 CopyMem (LocalAuthSession
.hmac
.buffer
, PlatformAuth
->buffer
, PlatformAuth
->size
);
602 ZeroMem (&PcrAllocation
, sizeof(PcrAllocation
));
603 if ((HASH_ALG_SHA1
& SupportedPCRBanks
) != 0) {
604 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].hash
= TPM_ALG_SHA1
;
605 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].sizeofSelect
= PCR_SELECT_MAX
;
606 if ((HASH_ALG_SHA1
& PCRBanks
) != 0) {
607 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0xFF;
608 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0xFF;
609 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0xFF;
611 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0x00;
612 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0x00;
613 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0x00;
615 PcrAllocation
.count
++;
617 if ((HASH_ALG_SHA256
& SupportedPCRBanks
) != 0) {
618 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].hash
= TPM_ALG_SHA256
;
619 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].sizeofSelect
= PCR_SELECT_MAX
;
620 if ((HASH_ALG_SHA256
& PCRBanks
) != 0) {
621 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0xFF;
622 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0xFF;
623 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0xFF;
625 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0x00;
626 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0x00;
627 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0x00;
629 PcrAllocation
.count
++;
631 if ((HASH_ALG_SHA384
& SupportedPCRBanks
) != 0) {
632 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].hash
= TPM_ALG_SHA384
;
633 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].sizeofSelect
= PCR_SELECT_MAX
;
634 if ((HASH_ALG_SHA384
& PCRBanks
) != 0) {
635 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0xFF;
636 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0xFF;
637 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0xFF;
639 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0x00;
640 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0x00;
641 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0x00;
643 PcrAllocation
.count
++;
645 if ((HASH_ALG_SHA512
& SupportedPCRBanks
) != 0) {
646 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].hash
= TPM_ALG_SHA512
;
647 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].sizeofSelect
= PCR_SELECT_MAX
;
648 if ((HASH_ALG_SHA512
& PCRBanks
) != 0) {
649 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0xFF;
650 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0xFF;
651 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0xFF;
653 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0x00;
654 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0x00;
655 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0x00;
657 PcrAllocation
.count
++;
659 if ((HASH_ALG_SM3_256
& SupportedPCRBanks
) != 0) {
660 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].hash
= TPM_ALG_SM3_256
;
661 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].sizeofSelect
= PCR_SELECT_MAX
;
662 if ((HASH_ALG_SM3_256
& PCRBanks
) != 0) {
663 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0xFF;
664 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0xFF;
665 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0xFF;
667 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0x00;
668 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0x00;
669 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0x00;
671 PcrAllocation
.count
++;
673 Status
= Tpm2PcrAllocate (
682 DEBUG ((EFI_D_INFO
, "Tpm2PcrAllocateBanks call Tpm2PcrAllocate - %r\n", Status
));
683 if (EFI_ERROR (Status
)) {
687 DEBUG ((EFI_D_INFO
, "AllocationSuccess - %02x\n", AllocationSuccess
));
688 DEBUG ((EFI_D_INFO
, "MaxPCR - %08x\n", MaxPCR
));
689 DEBUG ((EFI_D_INFO
, "SizeNeeded - %08x\n", SizeNeeded
));
690 DEBUG ((EFI_D_INFO
, "SizeAvailable - %08x\n", SizeAvailable
));
693 ZeroMem(&LocalAuthSession
.hmac
, sizeof(LocalAuthSession
.hmac
));