// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "Clear_fp.h"
//
//
//     Error Returns                   Meaning
//
//     TPM_RC_DISABLED                 Clear command has been disabled
//
TPM_RC
TPM2_Clear(
   Clear_In          *in                // IN: input parameter list
   )
{
   TPM_RC                  result;

   // Input parameter is not reference in command action
   in = NULL;

   // The command needs NV update. Check if NV is available.
   // A TPM_RC_NV_UNAVAILABLE or TPM_RC_NV_RATE error may be returned at
   // this point
   result = NvIsAvailable();
   if(result != TPM_RC_SUCCESS) return result;

// Input Validation

   // If Clear command is disabled, return an error
   if(gp.disableClear)
       return TPM_RC_DISABLED;

// Internal Data Update

   // Reset storage hierarchy seed from RNG
   CryptGenerateRandom(PRIMARY_SEED_SIZE, gp.SPSeed.t.buffer);

   // Create new shProof and ehProof value from RNG
   CryptGenerateRandom(PROOF_SIZE, gp.shProof.t.buffer);
   CryptGenerateRandom(PROOF_SIZE, gp.ehProof.t.buffer);

   // Enable storage and endorsement hierarchy
   gc.shEnable = gc.ehEnable = TRUE;

   // set the authValue buffers to zero
   MemorySet(gp.ownerAuth.t.buffer, 0, gp.ownerAuth.t.size);
   MemorySet(gp.endorsementAuth.t.buffer, 0, gp.endorsementAuth.t.size);
   MemorySet(gp.lockoutAuth.t.buffer, 0, gp.lockoutAuth.t.size);
   // Set storage, endorsement and lockout authValue to null
   gp.ownerAuth.t.size = gp.endorsementAuth.t.size = gp.lockoutAuth.t.size = 0;

   // Set storage, endorsement, and lockout authPolicy to null
   gp.ownerAlg = gp.endorsementAlg = gp.lockoutAlg = TPM_ALG_NULL;
   gp.ownerPolicy.t.size = 0;
   gp.endorsementPolicy.t.size = 0;
   gp.lockoutPolicy.t.size = 0;

   // Flush loaded object in storage and endorsement hierarchy
   ObjectFlushHierarchy(TPM_RH_OWNER);
   ObjectFlushHierarchy(TPM_RH_ENDORSEMENT);

   // Flush owner and endorsement object and owner index in NV
   NvFlushHierarchy(TPM_RH_OWNER);
   NvFlushHierarchy(TPM_RH_ENDORSEMENT);

   // Save hierarchy changes to NV
   NvWriteReserved(NV_SP_SEED, &gp.SPSeed);
   NvWriteReserved(NV_SH_PROOF, &gp.shProof);
   NvWriteReserved(NV_EH_PROOF, &gp.ehProof);
   NvWriteReserved(NV_OWNER_AUTH, &gp.ownerAuth);
   NvWriteReserved(NV_ENDORSEMENT_AUTH, &gp.endorsementAuth);
   NvWriteReserved(NV_LOCKOUT_AUTH, &gp.lockoutAuth);
   NvWriteReserved(NV_OWNER_ALG, &gp.ownerAlg);
   NvWriteReserved(NV_ENDORSEMENT_ALG, &gp.endorsementAlg);
   NvWriteReserved(NV_LOCKOUT_ALG, &gp.lockoutAlg);
   NvWriteReserved(NV_OWNER_POLICY, &gp.ownerPolicy);
   NvWriteReserved(NV_ENDORSEMENT_POLICY, &gp.endorsementPolicy);
   NvWriteReserved(NV_LOCKOUT_POLICY, &gp.lockoutPolicy);

   // Initialize dictionary attack parameters
   DAPreInstall_Init();

   // Reset clock
   go.clock = 0;
   go.clockSafe = YES;
   // Update the DRBG state whenever writing orderly state to NV
   CryptDrbgGetPutState(GET_STATE);
   NvWriteReserved(NV_ORDERLY_DATA, &go);

   // Reset counters
   gp.resetCount = gr.restartCount = gr.clearCount = 0;
   gp.auditCounter = 0;
   NvWriteReserved(NV_RESET_COUNT, &gp.resetCount);
   NvWriteReserved(NV_AUDIT_COUNTER, &gp.auditCounter);

   // orderly state should be cleared because of the update to state clear data
   g_clearOrderly = TRUE;

   return TPM_RC_SUCCESS;
}