regtest: Add policycapability regression test

Add man page. Add command line program. Signed-off-by: Ken Goldman <kgold@linux.ibm.com>
kgoldman · Mar 25, 2024 · d1abbaf · d1abbaf
1 parent f355d6d
commit d1abbaf
Show file tree

Hide file tree

Showing 14 changed files with 488 additions and 22 deletions.
diff --git a/.gitignore b/.gitignore
@@ -465,6 +465,7 @@ utils/pcrreset
 utils/policyauthorize
 utils/policyauthorizenv
 utils/policyauthvalue
+utils/policycapability
 utils/policycommandcode
 utils/policycountertimer
 utils/policycphash

diff --git a/utils/Makefile.am b/utils/Makefile.am
@@ -107,22 +107,26 @@ endif
 
 if CONFIG_TPM20
 if !CONFIG_TSS_NOPRINT
-bin_PROGRAMS = activatecredential eventextend imaextend certify certifycreation certifyx509 changeeps changepps clear \
-	clearcontrol clockrateadjust clockset commit contextload contextsave create createloaded createprimary \
-	dictionaryattacklockreset dictionaryattackparameters duplicate eccparameters eccencrypt eccdecrypt ecephemeral encryptdecrypt \
-	eventsequencecomplete evictcontrol flushcontext getcommandauditdigest getcapability getcryptolibrary \
-	getrandom gettestresult getsessionauditdigest gettime hashsequencestart hash hierarchycontrol \
-	hierarchychangeauth hmac hmacstart import importpem load loadexternal makecredential nvcertify nvchangeauth \
-	nvdefinespace nvextend nvglobalwritelock nvincrement nvread nvreadlock nvreadpublic nvsetbits \
-	nvundefinespace nvundefinespacespecial nvwrite nvwritelock objectchangeauth pcrallocate pcrevent pcrextend \
-	pcrread pcrreset policyauthorize policyauthvalue policycommandcode policycphash policynamehash \
-	policycountertimer policyduplicationselect policygetdigest policymaker policymakerpcr policyauthorizenv \
-	policynv policynvwritten policyor policypassword policyparameters policypcr policyrestart policysigned policysecret \
-	policytemplate policyticket quote powerup readclock readpublic returncode rewrap rsadecrypt rsaencrypt \
-	sequenceupdate sequencecomplete setcommandcodeauditstatus setprimarypolicy shutdown sign startauthsession \
-	startup stirrandom unseal \
-	verifysignature zgen2phase signapp writeapp createek createekcert tpm2pem tpmpublic2eccpoint \
-	ntc2getconfig ntc2preconfig ntc2lockconfig publicname tpmcmd printattr tpmproxy
+bin_PROGRAMS = activatecredential eventextend imaextend certify certifycreation certifyx509 \
+	changeeps changepps clear clearcontrol clockrateadjust clockset commit contextload \
+	contextsave create createloaded createprimary dictionaryattacklockreset \
+	dictionaryattackparameters duplicate eccparameters eccencrypt eccdecrypt ecephemeral \
+	encryptdecrypt eventsequencecomplete evictcontrol flushcontext getcommandauditdigest \
+	getcapability getcryptolibrary getrandom gettestresult getsessionauditdigest gettime \
+	hashsequencestart hash hierarchycontrol hierarchychangeauth hmac hmacstart import \
+	importpem load loadexternal makecredential nvcertify nvchangeauth nvdefinespace \
+	nvextend nvglobalwritelock nvincrement nvread nvreadlock nvreadpublic nvsetbits \
+	nvundefinespace nvundefinespacespecial nvwrite nvwritelock objectchangeauth \
+	pcrallocate pcrevent pcrextend pcrread pcrreset policyauthorize policyauthvalue \
+	policycapability policycommandcode policycphash policynamehash policycountertimer \
+	policyduplicationselect policygetdigest policymaker policymakerpcr policyauthorizenv \
+	policynv policynvwritten policyor policypassword policyparameters policypcr policyrestart \
+	policysigned policysecret policytemplate policyticket quote powerup readclock \
+	readpublic returncode rewrap rsadecrypt rsaencrypt sequenceupdate sequencecomplete \
+	setcommandcodeauditstatus setprimarypolicy shutdown sign startauthsession startup \
+	stirrandom unseal verifysignature zgen2phase signapp writeapp createek createekcert \
+	tpm2pem tpmpublic2eccpoint ntc2getconfig ntc2preconfig ntc2lockconfig publicname \
+	tpmcmd printattr tpmproxy
 
 if !CONFIG_TSS_NOFILE
 bin_PROGRAMS += timepacket
@@ -414,6 +418,10 @@ policyauthvalue_SOURCES = policyauthvalue.c
 policyauthvalue_CFLAGS = $(UTILS_CFLAGS)
 policyauthvalue_LDADD = libibmtssutils.la libibmtss.la
 
+policycapability_SOURCES = policycapability.c
+policycapability_CFLAGS = $(UTILS_CFLAGS)
+policycapability_LDADD = libibmtssutils.la libibmtss.la
+
 policycommandcode_SOURCES = policycommandcode.c
 policycommandcode_CFLAGS = $(UTILS_CFLAGS)
 policycommandcode_LDADD = libibmtssutils.la libibmtss.la

diff --git a/utils/makefile-common20 b/utils/makefile-common20
@@ -115,6 +115,7 @@ ALL += 	activatecredential$(EXE)		\
 	policycommandcode$(EXE) 		\
 	policycphash$(EXE)	 		\
 	policynamehash$(EXE)	 		\
+	policycapability$(EXE)	 		\
 	policycountertimer$(EXE)		\
 	policyduplicationselect$(EXE)		\
 	policygetdigest$(EXE)			\

diff --git a/utils/makefile.mac b/utils/makefile.mac
@@ -344,6 +344,8 @@ policyauthorize:	ibmtss/tss.h policyauthorize.o $(LIBTSS)
 			$(CC) $(LNFLAGS) $(LNAFLAGS) policyauthorize.o $(LNALIBS) -o policyauthorize
 policyauthvalue:	ibmtss/tss.h policyauthvalue.o $(LIBTSS)
 			$(CC) $(LNFLAGS) $(LNAFLAGS) policyauthvalue.o $(LNALIBS) -o policyauthvalue
+policycapability:	ibmtss/tss.h policycapability.o $(LIBTSS)
+			$(CC) $(LNFLAGS) $(LNAFLAGS) policycapability.o $(LNALIBS) -o policycapability
 policycommandcode:	ibmtss/tss.h policycommandcode.o $(LIBTSS)
 			$(CC) $(LNFLAGS) $(LNAFLAGS) policycommandcode.o $(LNALIBS) -o policycommandcode
 policycphash:		ibmtss/tss.h policycphash.o $(LIBTSS)

diff --git a/utils/makefiletpm20 b/utils/makefiletpm20
@@ -426,6 +426,8 @@ policyauthorize:	ibmtss/tss.h policyauthorize.o $(LIBTSS) $(LIBTSSUTILS)
 			$(CC) $(LNFLAGS) $(LNAFLAGS) policyauthorize.o $(LNALIBS) -o policyauthorize
 policyauthvalue:	ibmtss/tss.h policyauthvalue.o $(LIBTSS) $(LIBTSSUTILS)
 			$(CC) $(LNFLAGS) $(LNAFLAGS) policyauthvalue.o $(LNALIBS) -o policyauthvalue
+policycapability:	ibmtss/tss.h policycapability.o $(LIBTSS) $(LIBTSSUTILS)
+			$(CC) $(LNFLAGS) $(LNAFLAGS) policycapability.o $(LNALIBS) -o policycapability
 policycommandcode:	ibmtss/tss.h policycommandcode.o $(LIBTSS) $(LIBTSSUTILS)
 			$(CC) $(LNFLAGS) $(LNAFLAGS) policycommandcode.o $(LNALIBS) -o policycommandcode
 policycphash:		ibmtss/tss.h policycphash.o $(LIBTSS) $(LIBTSSUTILS)

diff --git a/utils/makefiletpmc b/utils/makefiletpmc
@@ -414,6 +414,8 @@ policyauthorize:	ibmtss/tss.h policyauthorize.o $(LIBTSS) $(LIBTSSUTILS)
 			$(CC) $(LNFLAGS) $(LNAFLAGS) policyauthorize.o $(LNALIBS) -o policyauthorize
 policyauthvalue:	ibmtss/tss.h policyauthvalue.o $(LIBTSS) $(LIBTSSUTILS)
 			$(CC) $(LNFLAGS) $(LNAFLAGS) policyauthvalue.o $(LNALIBS) -o policyauthvalue
+policycapability:	ibmtss/tss.h policycapability.o $(LIBTSS) $(LIBTSSUTILS)
+			$(CC) $(LNFLAGS) $(LNAFLAGS) policycapability.o $(LNALIBS) -o policycapability
 policycommandcode:	ibmtss/tss.h policycommandcode.o $(LIBTSS) $(LIBTSSUTILS)
 			$(CC) $(LNFLAGS) $(LNAFLAGS) policycommandcode.o $(LNALIBS) -o policycommandcode
 policycphash:		ibmtss/tss.h policycphash.o $(LIBTSS) $(LIBTSSUTILS)

diff --git a/utils/man/man1/tsspolicycapability.1 b/utils/man/man1/tsspolicycapability.1
@@ -0,0 +1,55 @@
+.TH TSSPOLICYCAPABILITY "1" "March 2024" "tsspolicycapability 2.3" "User Commands"
+.SH NAME
+tsspolicycapability \- Runs tsspolicycapability
+.SH DESCRIPTION
+tsspolicycapability
+.PP
+Runs TPM2_PolicyCapability
+.PP
+\fB\-hs\fR
+policy session handle
+.br
+\fB\-ic\fR
+data string (operandB)
+.br
+\fB\-if\fR
+data file (operandB)
+.TP
+\fB\-cap\fR
+capability
+.br
+TPM_CAP_ALGS           0
+.br
+TPM_CAP_HANDLES        1
+.br
+TPM_CAP_COMMANDS       2
+.br
+TPM_CAP_PP_COMMANDS    3
+.br
+TPM_CAP_AUDIT_COMMANDS 4
+.br
+TPM_CAP_PCRS           5
+.br
+TPM_CAP_TPM_PROPERTIES 6
+.br
+TPM_CAP_PCR_PROPERTIES 7
+.br
+TPM_CAP_ECC_CURVES     8
+.br
+TPM_CAP_AUTH_POLICIES  9
+.br
+TPM_CAP_ACT            a
+.TP
+\fB\-pr\fR
+property (defaults to 0)
+.HP
+\fB\-se[0\-2]\fR session handle / attributes (default NULL)
+.br
+01
+continue
+.br
+20
+command decrypt
+.br
+80
+command audit
diff --git a/utils/man/man1/tsspolicyparameters.1 b/utils/man/man1/tsspolicyparameters.1
@@ -5,20 +5,20 @@ tsspolicyparameters \- Runs tsspolicyparameters
 tsspolicyparameters
 .PP
 Runs TPM2_PolicyParameters
-.TP
+.PP
 \fB\-ha\fR
 policy session handle
-.TP
+.br
 \fB\-ph\fR
 parameter hash file
 .HP
 \fB\-se0\fR session handle / attributes (default NULL)
-.TP
+.br
 01
 continue
-.TP
+.br
 20
 command decrypt
-.TP
+.br
 80
 audit
diff --git a/utils/policies/policycapargsrevision183.txt b/utils/policies/policycapargsrevision183.txt
@@ -0,0 +1 @@
+000000b7000000070000000600000102
diff --git a/utils/policies/policycaprevision183.bin b/utils/policies/policycaprevision183.bin
@@ -0,0 +1 @@
+A��mE(���C6��Hהs��]&i��qv��&
diff --git a/utils/policies/policycaprevision183.txt b/utils/policies/policycaprevision183.txt
@@ -0,0 +1 @@
+0000019b1e11883c7d42c639c4e4ae1e1fa48b53a2ef6b6387cbeabc97501b1582b3e5a2
diff --git a/utils/policies/rev183.bin b/utils/policies/rev183.bin
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		A��mE(��C6��Hהs��]&i��qv��&
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		0000019b1e11883c7d42c639c4e4ae1e1fa48b53a2ef6b6387cbeabc97501b1582b3e5a2