Functions | |
EFI_STATUS EFIAPI | Tpm2SetPrimaryPolicy (IN TPMI_RH_HIERARCHY_AUTH AuthHandle, IN TPMS_AUTH_COMMAND *AuthSession, IN TPM2B_DIGEST *AuthPolicy, IN TPMI_ALG_HASH HashAlg) |
EFI_STATUS EFIAPI | Tpm2Clear (IN TPMI_RH_CLEAR AuthHandle, IN TPMS_AUTH_COMMAND *AuthSession) |
EFI_STATUS EFIAPI | Tpm2ClearControl (IN TPMI_RH_CLEAR AuthHandle, IN TPMS_AUTH_COMMAND *AuthSession, IN TPMI_YES_NO Disable) |
EFI_STATUS EFIAPI | Tpm2HierarchyChangeAuth (IN TPMI_RH_HIERARCHY_AUTH AuthHandle, IN TPMS_AUTH_COMMAND *AuthSession, IN TPM2B_AUTH *NewAuth) |
EFI_STATUS EFIAPI | Tpm2ChangeEPS (IN TPMI_RH_PLATFORM AuthHandle, IN TPMS_AUTH_COMMAND *AuthSession) |
EFI_STATUS EFIAPI | Tpm2ChangePPS (IN TPMI_RH_PLATFORM AuthHandle, IN TPMS_AUTH_COMMAND *AuthSession) |
EFI_STATUS EFIAPI | Tpm2HierarchyControl (IN TPMI_RH_HIERARCHY AuthHandle, IN TPMS_AUTH_COMMAND *AuthSession, IN TPMI_RH_HIERARCHY Hierarchy, IN TPMI_YES_NO State) |
Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
EFI_STATUS EFIAPI Tpm2ChangeEPS | ( | IN TPMI_RH_PLATFORM | AuthHandle, | |
IN TPMS_AUTH_COMMAND * | AuthSession | |||
) |
This replaces the current EPS with a value from the RNG and sets the Endorsement hierarchy controls to their default initialization values.
[in] | AuthHandle | TPM_RH_PLATFORM+{PP} |
[in] | AuthSession | Auth Session context |
EFI_SUCCESS | Operation completed successfully. | |
EFI_DEVICE_ERROR | Unexpected device behavior. |
References CopyAuthSessionCommand(), EFI_STATUS(), and Tpm2SubmitCommand().
Referenced by Tpm2CommandChangeEps().
EFI_STATUS EFIAPI Tpm2ChangePPS | ( | IN TPMI_RH_PLATFORM | AuthHandle, | |
IN TPMS_AUTH_COMMAND * | AuthSession | |||
) |
This replaces the current PPS with a value from the RNG and sets platformPolicy to the default initialization value (the Empty Buffer).
[in] | AuthHandle | TPM_RH_PLATFORM+{PP} |
[in] | AuthSession | Auth Session context |
EFI_SUCCESS | Operation completed successfully. | |
EFI_DEVICE_ERROR | Unexpected device behavior. |
References CopyAuthSessionCommand(), EFI_STATUS(), and Tpm2SubmitCommand().
EFI_STATUS EFIAPI Tpm2Clear | ( | IN TPMI_RH_CLEAR | AuthHandle, | |
IN TPMS_AUTH_COMMAND * | AuthSession | |||
) |
This command removes all TPM context associated with a specific Owner.
[in] | AuthHandle | TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP} |
[in] | AuthSession | Auth Session context |
EFI_SUCCESS | Operation completed successfully. | |
EFI_DEVICE_ERROR | Unexpected device behavior. |
References CopyAuthSessionCommand(), EFI_STATUS(), and Tpm2SubmitCommand().
Referenced by Tpm2CommandClear(), and TpmCommandClear().
EFI_STATUS EFIAPI Tpm2ClearControl | ( | IN TPMI_RH_CLEAR | AuthHandle, | |
IN TPMS_AUTH_COMMAND * | AuthSession, | |||
IN TPMI_YES_NO | Disable | |||
) |
Disables and enables the execution of TPM2_Clear().
[in] | AuthHandle | TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP} |
[in] | AuthSession | Auth Session context |
[in] | Disable | YES if the disableOwnerClear flag is to be SET, NO if the flag is to be CLEAR. |
EFI_SUCCESS | Operation completed successfully. | |
EFI_DEVICE_ERROR | Unexpected device behavior. |
References CopyAuthSessionCommand(), EFI_STATUS(), and Tpm2SubmitCommand().
Referenced by Tpm2CommandClear(), and TpmCommandClear().
EFI_STATUS EFIAPI Tpm2HierarchyChangeAuth | ( | IN TPMI_RH_HIERARCHY_AUTH | AuthHandle, | |
IN TPMS_AUTH_COMMAND * | AuthSession, | |||
IN TPM2B_AUTH * | NewAuth | |||
) |
This command allows the authorization secret for a hierarchy or lockout to be changed using the current authorization value as the command authorization.
[in] | AuthHandle | TPM_RH_LOCKOUT, TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} |
[in] | AuthSession | Auth Session context |
[in] | NewAuth | New authorization secret |
EFI_SUCCESS | Operation completed successfully. | |
EFI_DEVICE_ERROR | Unexpected device behavior. |
References CopyAuthSessionCommand(), EFI_STATUS(), and Tpm2SubmitCommand().
EFI_STATUS EFIAPI Tpm2HierarchyControl | ( | IN TPMI_RH_HIERARCHY | AuthHandle, | |
IN TPMS_AUTH_COMMAND * | AuthSession, | |||
IN TPMI_RH_HIERARCHY | Hierarchy, | |||
IN TPMI_YES_NO | State | |||
) |
This command enables and disables use of a hierarchy.
[in] | AuthHandle | TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} |
[in] | AuthSession | Auth Session context |
[in] | Hierarchy | Hierarchy of the enable being modified |
[in] | State | YES if the enable should be SET, NO if the enable should be CLEAR |
EFI_SUCCESS | Operation completed successfully. | |
EFI_DEVICE_ERROR | Unexpected device behavior. |
References CopyAuthSessionCommand(), EFI_STATUS(), and Tpm2SubmitCommand().
EFI_STATUS EFIAPI Tpm2SetPrimaryPolicy | ( | IN TPMI_RH_HIERARCHY_AUTH | AuthHandle, | |
IN TPMS_AUTH_COMMAND * | AuthSession, | |||
IN TPM2B_DIGEST * | AuthPolicy, | |||
IN TPMI_ALG_HASH | HashAlg | |||
) |
This command allows setting of the authorization policy for the platform hierarchy (platformPolicy), the storage hierarchy (ownerPolicy), and and the endorsement hierarchy (endorsementPolicy).
[in] | AuthHandle | TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} parameters to be validated |
[in] | AuthSession | Auth Session context |
[in] | AuthPolicy | An authorization policy hash |
[in] | HashAlg | The hash algorithm to use for the policy |
EFI_SUCCESS | Operation completed successfully. | |
EFI_DEVICE_ERROR | Unexpected device behavior. |
References CopyAuthSessionCommand(), EFI_STATUS(), Tpm2SubmitCommand(), and UINTN().