/* SPDX-License-Identifier: BSD-2-Clause */
/*******************************************************************************
 * Copyright 2018-2019, Fraunhofer SIT sponsored by Infineon Technologies AG
 * All rights reserved.
 *******************************************************************************/
#ifndef FAPI_POLICY_CALLBACKS_H
#define FAPI_POLICY_CALLBACKS_H

/*
 * Declarations for the FAPI policy execution callbacks: the callback state
 * machine enum, the per-execution context, and the callback prototypes.
 *
 * This header has no #include directives of its own. TSS2_RC, ESYS_TR, the
 * TPM2B_, TPMS_, TPML_, TPMT_ and TPMI_ types, IFAPI_OBJECT, IFAPI_NV_Cmds,
 * size_t and uint8_t must already be declared by the including file.
 *
 * Every callback takes an untyped void * (context / ctx / userdata) as its
 * last parameter. The concrete type behind it is not visible here.
 * NOTE(review): the compiler cannot check that pointer, so confirm that each
 * caller passes the object type the implementation casts it to.
 */

/**
 * The states for policy execution callbacks.
 *
 * Values are assigned sequentially starting at POL_CB_EXECUTE_INIT = 0, so a
 * zero-initialized IFAPI_POLICY_EXEC_CB_CTX starts in POL_CB_EXECUTE_INIT.
 * The tag is spelled "EXCECUTE"; it is the declared name and is used as-is
 * in the context struct below.
 */
enum IFAPI_STATE_POL_CB_EXCECUTE {
    POL_CB_EXECUTE_INIT = 0,
    POL_CB_LOAD_KEY,
    POL_CB_SEARCH_POLICY,
    POL_CB_EXECUTE_SUB_POLICY,
    POL_CB_NV_READ,
    POL_CB_READ_NV_POLICY,
    POL_CB_READ_OBJECT,
    POL_CB_AUTHORIZE_OBJECT
};

/**
 * The context of the policy execution.
 *
 * NOTE(review): ownership of the pointer members (object_path,
 * key_object_ptr, auth_object_ptr, policy) is not stated in this header;
 * confirm who allocates and frees each one before copying or reusing a
 * context.
 */
typedef struct {
    enum IFAPI_STATE_POL_CB_EXCECUTE cb_state; /**< The execution state of the current policy callback */
    char *object_path;              /**< The pathname determined by object search */
    IFAPI_OBJECT object;            /**< Object to be authorized */
    ESYS_TR key_handle;             /**< Handle of a used key */
    ESYS_TR nv_index;               /**< Index of nv object storing a policy */
    ESYS_TR auth_index;             /**< Index of authorization object */
    IFAPI_OBJECT auth_object;       /**< FAPI auth object needed for authorization */
    IFAPI_OBJECT *key_object_ptr;   /* presumably refers to the key object in use; TODO confirm */
    IFAPI_OBJECT *auth_object_ptr;  /* presumably refers to the auth object in use; TODO confirm */
    IFAPI_NV_Cmds nv_cmd_state;     /* presumably the live state that nv_cmd_state_sav backs up; TODO confirm */
    IFAPI_NV_Cmds nv_cmd_state_sav; /**< backup for state of fapi nv commands */
    TPM2B_DIGEST policy_digest;     /* a policy digest; which policy it belongs to is not stated here */
    ESYS_TR session;                /* an ESYS session handle; its role is not stated here */
    TPMS_POLICY *policy;            /* pointer to a policy; ownership not stated here */
} IFAPI_POLICY_EXEC_CB_CTX;

/**
 * Callback taking an object path and a TPMT_PUBLIC pointer.
 *
 * @param path     Path string; not modified (const).
 * @param public   Non-const; presumably receives the key's public area,
 *                 confirm against the implementation. The parameter name is
 *                 a C++ keyword, so this prototype only parses as C.
 * @param context  Opaque context pointer.
 * @return A TSS2_RC response code.
 */
TSS2_RC
ifapi_get_key_public(
    const char *path,
    TPMT_PUBLIC *public,
    void *context);

/**
 * Callback taking an object path and a TPM2B_NAME pointer.
 *
 * @param path     Path string; not modified (const).
 * @param name     Non-const; presumably receives the object's name, confirm.
 * @param context  Opaque context pointer.
 * @return A TSS2_RC response code.
 */
TSS2_RC
ifapi_get_object_name(
    const char *path,
    TPM2B_NAME *name,
    void *context);

/**
 * Callback taking an object path and a TPM2B_NV_PUBLIC pointer.
 *
 * @param path       Path string; not modified (const).
 * @param nv_public  Non-const; presumably receives the NV public area,
 *                   confirm.
 * @param context    Opaque context pointer.
 * @return A TSS2_RC response code.
 */
TSS2_RC
ifapi_get_nv_public(
    const char *path,
    TPM2B_NV_PUBLIC *nv_public,
    void *context);

/**
 * Callback for reading PCRs.
 *
 * @param pcr_select     PCR selection in TPMS_PCR_SELECT form.
 * @param pcr_selection  PCR selection in TPML_PCR_SELECTION form.
 * @param pcr_values     Double pointer; presumably set to a list the callee
 *                       allocates. NOTE(review): confirm who frees
 *                       *pcr_values, also on error returns.
 * @param ctx            Opaque context pointer.
 * @return A TSS2_RC response code.
 */
TSS2_RC
ifapi_read_pcr(
    TPMS_PCR_SELECT *pcr_select,
    TPML_PCR_SELECTION *pcr_selection,
    TPML_PCRVALUES **pcr_values,
    void *ctx);

/**
 * Authorization callback used during policy evaluation.
 *
 * @param name           Name of an object (TPM2B_NAME).
 * @param object_handle  ESYS_TR pointer; presumably an output, confirm.
 * @param auth_handle    ESYS_TR pointer; presumably an output, confirm.
 * @param authSession    ESYS_TR pointer; presumably an output, confirm.
 * @param userdata       Opaque context pointer.
 * @return A TSS2_RC response code.
 */
TSS2_RC
ifapi_policyeval_cbauth(
    TPM2B_NAME *name,
    ESYS_TR *object_handle,
    ESYS_TR *auth_handle,
    ESYS_TR *authSession,
    void *userdata);

/**
 * Callback for choosing among policy branches.
 *
 * @param branches    The list of policy branches.
 * @param branch_idx  Presumably receives the chosen index. NOTE(review):
 *                    confirm that the value is range-checked against the
 *                    number of entries in branches before it is used as an
 *                    index.
 * @param userdata    Opaque context pointer.
 * @return A TSS2_RC response code.
 */
TSS2_RC
ifapi_branch_selection(
    TPML_POLICYBRANCHES *branches,
    size_t *branch_idx,
    void *userdata);

/**
 * Callback for signing a buffer.
 *
 * @param key_pem           PEM text identifying the key; declared non-const.
 * @param public_key_hint   Hint string for the key; declared non-const.
 * @param key_pem_hash_alg  Hash algorithm identifier.
 * @param buffer            Data buffer of buffer_size bytes.
 * @param buffer_size       Size of buffer in bytes.
 * @param signature         Double pointer; presumably set to a signature
 *                          buffer. NOTE(review): confirm who frees
 *                          *signature and that it is left NULL on failure.
 * @param signature_size    Presumably receives the size of *signature.
 * @param userdata          Opaque context pointer.
 * @return A TSS2_RC response code.
 */
TSS2_RC
ifapi_sign_buffer(
    char *key_pem,
    char *public_key_hint,
    TPMI_ALG_HASH key_pem_hash_alg,
    uint8_t *buffer,
    size_t buffer_size,
    uint8_t **signature,
    size_t *signature_size,
    void *userdata);

/**
 * Callback for executing an authorized policy.
 *
 * @param key_public  Public area of a key.
 * @param hash_alg    Hash algorithm identifier.
 * @param digest      A digest (TPM2B_DIGEST); presumably an output, confirm.
 * @param signature   A signature (TPMT_SIGNATURE); presumably an output,
 *                    confirm.
 * @param userdata    Opaque context pointer.
 * @return A TSS2_RC response code.
 *
 * NOTE(review): this header does not show where the signature is verified
 * against key_public; confirm that the check happens before the policy
 * digest is trusted.
 */
TSS2_RC
ifapi_exec_auth_policy(
    TPMT_PUBLIC *key_public,
    TPMI_ALG_HASH hash_alg,
    TPM2B_DIGEST *digest,
    TPMT_SIGNATURE *signature,
    void *userdata);

/**
 * Callback for executing a policy associated with an NV object.
 *
 * @param nv_public  Public area of the NV object.
 * @param hash_alg   Hash algorithm identifier.
 * @param userdata   Opaque context pointer.
 * @return A TSS2_RC response code.
 */
TSS2_RC
ifapi_exec_auth_nv_policy(
    TPM2B_NV_PUBLIC *nv_public,
    TPMI_ALG_HASH hash_alg,
    void *userdata);

/**
 * Callback taking a TPM2B_NAME pointer.
 *
 * @param name      Non-const; presumably receives a name related to
 *                  duplication, confirm against the implementation.
 * @param userdata  Opaque context pointer.
 * @return A TSS2_RC response code.
 */
TSS2_RC
ifapi_get_duplicate_name(
    TPM2B_NAME *name,
    void *userdata);

/**
 * Callback taking a policy action string.
 *
 * @param action    Action string; not modified (const). NOTE(review): if
 *                  this text comes from a stored policy, the handler should
 *                  treat it as untrusted input; confirm its source.
 * @param userdata  Opaque context pointer.
 * @return A TSS2_RC response code.
 */
TSS2_RC
ifapi_policy_action(
    const char *action,
    void *userdata);

#endif /* FAPI_POLICY_CALLBACKS_H */