From 6716d883420b7d17f0506be97562cb0d48c6f7bb Mon Sep 17 00:00:00 2001
From: Joseph Lee
Date: Thu, 20 Jul 2023 23:53:45 +0900
Subject: [PATCH] feat: tpm2.EvictControl

---
 tpm2/structures.go | 4 ++++
 tpm2/test/evict_control_test.go | 38 +++++++++++++++++++++++++++++++++
 tpm2/tpm2.go | 24 +++++++++++++++++++++
 3 files changed, 66 insertions(+)
 create mode 100644 tpm2/test/evict_control_test.go

diff --git a/tpm2/structures.go b/tpm2/structures.go
index 7fe0d3c8..ac531a31 100644
--- a/tpm2/structures.go
+++ b/tpm2/structures.go
@@ -343,6 +343,10 @@ type TPMIYesNo = bool
 // See definition in Part 2: Structures, section 9.3.
 type TPMIDHObject = TPMHandle
 
+// TPMIDHPersistent represents a TPMI_DH_PERSISTENT.
+// See definition in Part 2: Structures, section 9.5.
+type TPMIDHPersistent = TPMHandle
+
 // TPMIDHEntity represents a TPMI_DH_ENTITY.
 // See definition in Part 2: Structures, section 9.6.
 type TPMIDHEntity = TPMHandle
diff --git a/tpm2/test/evict_control_test.go b/tpm2/test/evict_control_test.go
new file mode 100644
index 00000000..fc84bb9f
--- /dev/null
+++ b/tpm2/test/evict_control_test.go
@@ -0,0 +1,38 @@
+package tpm2test
+
+import (
+	"testing"
+
+	. "github.com/google/go-tpm/tpm2"
+	"github.com/google/go-tpm/tpm2/transport/simulator"
+)
+
+func TestEvictControl(t *testing.T) {
+	thetpm, err := simulator.OpenSimulator()
+	if err != nil {
+		t.Fatalf("could not connect to TPM simulator: %v", err)
+	}
+	defer thetpm.Close()
+
+	srkCreate := CreatePrimary{
+		PrimaryHandle: TPMRHOwner,
+		InPublic: New2B(ECCSRKTemplate),
+	}
+
+	srkCreateRsp, err := srkCreate.Execute(thetpm)
+	if err != nil {
+		t.Fatalf("could not generate SRK: %v", err)
+	}
+
+	_, err = EvictControl{
+		Auth: TPMRHOwner,
+		ObjectHandle: &NamedHandle{
+			Handle: srkCreateRsp.ObjectHandle,
+			Name: srkCreateRsp.Name,
+		},
+		PersistentHandle: 0x81000000,
+	}.Execute(thetpm)
+	if err != nil {
+		t.Fatalf("could not persist: %v", err)
+	}
+}
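Review bot: TestEvictControl persists the SRK at 0x81000000 and then returns without ever removing the persistent copy or flushing the transient handle in srkCreateRsp.ObjectHandle, so the test only covers the "make persistent" half of TPM2_EvictControl and leaves the slot occupied. That is harmless on a fresh simulator, but against a shared simulator instance or a real TPM the second run would presumably be rejected because the persistent handle is already in use, and the transient object stays loaded until Close. Add a final EvictControl call with ObjectHandle set to the persistent handle and the same PersistentHandle value, which is how the spec expresses eviction, and flush the transient SRK once it has been persisted (FlushContext's handle field, FlushHandle if I read the existing type correctly). This also exercises the evict path, which the test name promises but the body does not check.
```go
	// … unchanged: simulator setup, SRK creation, first EvictControl persisting at 0x81000000 …

	// The transient copy is no longer needed once the object is persistent.
	if _, err := (FlushContext{FlushHandle: srkCreateRsp.ObjectHandle}).Execute(thetpm); err != nil {
		t.Fatalf("could not flush transient SRK: %v", err)
	}

	// Passing the persistent handle as ObjectHandle evicts it, freeing the slot for the next run.
	_, err = EvictControl{
		Auth: TPMRHOwner,
		ObjectHandle: &NamedHandle{
			Handle: 0x81000000,
			Name:   srkCreateRsp.Name,
		},
		PersistentHandle: 0x81000000,
	}.Execute(thetpm)
	if err != nil {
		t.Fatalf("could not evict persistent handle: %v", err)
	}
```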
diff --git a/tpm2/tpm2.go b/tpm2/tpm2.go
index ad354bbf..c4e2baae 100644
--- a/tpm2/tpm2.go
+++ b/tpm2/tpm2.go
@@ -1469,6 +1469,30 @@ func (cmd FlushContext) Execute(t transport.TPM, s ...Session) (*FlushContextRes
 // FlushContextResponse is the response from TPM2_FlushContext.
 type FlushContextResponse struct{}
 
+// EvictControl is the input to TPM2_EvictControl.
+// See definition in Part 3, Commands, section 28.5
+type EvictControl struct {
+	// TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}
+	Auth handle `gotpm:"handle,auth"`
+	ObjectHandle handle `gotpm:"handle"`
+	PersistentHandle TPMIDHPersistent
+}
+
+// EvictControlResponse is the response from TPM2_EvictControl.
+type EvictControlResponse struct{}
+
+// Command implements the Command interface.
+func (EvictControl) Command() TPMCC { return TPMCCEvictControl }
+
+// Execute executes the command and returns the response.
+func (cmd EvictControl) Execute(t transport.TPM, s ...Session) (*EvictControlResponse, error) {
+	var rsp EvictControlResponse
+	if err := execute[EvictControlResponse](t, cmd, &rsp, s...); err != nil {
+		return nil, err
+	}
+	return &rsp, nil
+}
+
 // GetCapability is the input to TPM2_GetCapability.
 // See definition in Part 3, Commands, section 30.2
 type GetCapability struct {
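Review bot: ObjectHandle and PersistentHandle in the new EvictControl struct carry no field comments while Auth does, and the semantics matter here because the same command both persists and evicts depending on which kind of handle is passed. Following the spec section the struct comment already cites, add `// the handle of a loaded object` above ObjectHandle and `// if objectHandle is a transient object handle, then this is the persistent handle for the object; if objectHandle is a persistent object handle, then it shall be the same value as objectHandle` above PersistentHandle, so callers can see that passing a persistent handle removes the object rather than duplicating it. The Auth comment would also read better as a sentence naming what the field authorizes, e.g. `// Auth is the hierarchy authorizing the change: TPM_RH_OWNER, or TPM_RH_PLATFORM with physical presence ({PP}).`, since the `gotpm:"handle,auth"` tag is what forces an authorization session for this privileged command and the comment should say so.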