Diffstat (limited to 'firmware/lib/tpm2_lite/tlcl.c')
-rw-r--r-- | firmware/lib/tpm2_lite/tlcl.c | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/firmware/lib/tpm2_lite/tlcl.c b/firmware/lib/tpm2_lite/tlcl.c index aec3e2b3..70d584f0 100644 --- a/firmware/lib/tpm2_lite/tlcl.c +++ b/firmware/lib/tpm2_lite/tlcl.c @@ -190,8 +190,18 @@ uint32_t TlclContinueSelfTest(void) uint32_t TlclDefineSpace(uint32_t index, uint32_t perm, uint32_t size) { + return TlclDefineSpaceEx(NULL, 0, index, perm, size, NULL, 0); +} + +uint32_t TlclDefineSpaceEx(const uint8_t* owner_auth, uint32_t owner_auth_size, + uint32_t index, uint32_t perm, uint32_t size, + const void* auth_policy, uint32_t auth_policy_size) +{ struct tpm2_nv_define_space_cmd define_space; + /* Authentication support is not implemented. */ + VbAssert(owner_auth == NULL && owner_auth_size == 0); + /* For backwards-compatibility, if no READ or WRITE permissions are set, * assume readable/writeable with empty auth value. */ @@ -205,10 +215,25 @@ uint32_t TlclDefineSpace(uint32_t index, uint32_t perm, uint32_t size) define_space.publicInfo.dataSize = size; define_space.publicInfo.attributes = perm; define_space.publicInfo.nameAlg = TPM_ALG_SHA256; + if (auth_policy && auth_policy_size > 0) { + define_space.publicInfo.authPolicy.size = auth_policy_size; + define_space.publicInfo.authPolicy.buffer = + (uint8_t*) auth_policy; + } return tpm_get_response_code(TPM2_NV_DefineSpace, &define_space); } +uint32_t TlclInitNvAuthPolicy(uint32_t pcr_selection_bitmap, + const uint8_t pcr_values[][TPM_PCR_DIGEST], + void* auth_policy, uint32_t* auth_policy_size) +{ + /* Actual PCR selection isn't implemented. */ + VbAssert(pcr_selection_bitmap == 0); + *auth_policy_size = 0; + return TPM_SUCCESS; +} + /** * Issue a ForceClear. The TPM error code is returned. */ |
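Review bot: The `VbAssert(owner_auth == NULL && owner_auth_size == 0)` line in TlclDefineSpaceEx is the only thing rejecting the unsupported owner authorization. If VbAssert is compiled out in non-debug builds (worth confirming against its definition), a caller that passes owner auth gets the space defined without it and no error. The same pattern in TlclInitNvAuthPolicy in the second hunk has a larger effect: with the assert disabled, a non-zero `pcr_selection_bitmap` returns `TPM_SUCCESS` with `*auth_policy_size = 0`, so the caller would go on to define an NV space that is not bound to any PCR state. Both should be unconditional runtime checks that fail closed, e.g. `if (owner_auth != NULL || owner_auth_size != 0) return <error code>;` and `if (pcr_selection_bitmap != 0) return <error code>;`, using whichever error constant this library reserves for unsupported arguments.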
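Review bot: In the `if (auth_policy && auth_policy_size > 0)` branch the caller-supplied size is stored into `authPolicy.size` with no bound, while `nameAlg` is fixed to `TPM_ALG_SHA256`. A policy of any length other than the SHA-256 digest size is therefore handed to marshaling unchecked; comparing the size against the digest length before the assignment would catch that. The inconsistent cases (non-NULL pointer with zero size, or NULL pointer with non-zero size) silently define the space with no policy, which a caller expecting a policy-protected index cannot detect, so returning an error there is the safer behaviour. The cast `(uint8_t*) auth_policy` drops const; declaring the buffer field `const uint8_t *`, if the struct allows it, removes the need for it. The initialisation of `define_space` lies outside the hunk, so whether `authPolicy` is zeroed on the skip path cannot be confirmed from here.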