tpm2-tss  3.2.1
TPM Software stack 2.0 TCG spec compliant implementation
fapi_int.h
1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3  * Copyright 2018-2019, Fraunhofer SIT sponsored by Infineon Technologies AG
4  * All rights reserved.
5  ******************************************************************************/
6 #ifndef FAPI_INT_H
7 #define FAPI_INT_H
8 
9 #include "fapi_types.h"
10 #include "ifapi_policy_types.h"
11 #include "ifapi_policy_instantiate.h"
12 #include "ifapi_eventlog.h"
13 #include "ifapi_io.h"
14 #include "ifapi_profiles.h"
15 #include "ifapi_macros.h"
16 #include "ifapi_keystore.h"
17 #include "ifapi_policy_store.h"
18 #include "ifapi_config.h"
19 
20 #include <stdlib.h>
21 #include <stdint.h>
22 #include <unistd.h>
23 #include <string.h>
24 #include <inttypes.h>
25 #include <stdarg.h>
26 #include <stdbool.h>
27 #include <sys/stat.h>
28 #include <stdio.h>
29 #include <errno.h>
30 #include <fcntl.h>
31 #include <json-c/json.h>
32 #include <poll.h>
33 
34 #include "tss2_esys.h"
35 #include "tss2_fapi.h"
36 
37 #define DEFAULT_LOG_DIR "/run/tpm2_tss"
38 #define IFAPI_PCR_LOG_FILE "pcr.log"
39 #define IFAPI_OBJECT_TYPE ".json"
40 #define IFAPI_OBJECT_FILE "object.json"
41 #define IFAPI_SRK_KEY_PATH "/HS/SRK"
42 #define IFAPI_EK_KEY_PATH "/HE/EK"
43 #define IFAPI_HS_PATH "/HS"
44 #define IFAPI_HE_PATH "/HE"
45 #define IFAPI_HN_PATH "/HN"
46 #define IFAPI_LOCKOUT_PATH "/LOCKOUT"
47 #define IFAPI_SRK_OBJECT_PATH "/HS/SRK/object.json"
48 #define IFAPI_HS_OBJECT_PATH "/HS/object.json"
49 
50 typedef UINT32 TSS2_KEY_TYPE;
51 #define TSS2_SRK 2
52 #define TSS2_EK 3
53 #define MIN_EK_CERT_HANDLE 0x1c00000
54 #define MIN_PLATFORM_CERT_HANDLE 0x01C08000
55 #define MAX_PLATFORM_CERT_HANDLE 0x01C0FFFF
56 
57 typedef UINT8 IFAPI_SESSION_TYPE;
58 #define IFAPI_SESSION_GENEK 0x01
59 #define IFAPI_SESSION1 0x02
60 #define IFAPI_SESSION2 0x04
61 
/*
 * String constants: path components, path/list delimiters, PEM marker
 * strings and JSON tag names.
 * IFAPI_EXT_PATH and IFAPI_PUB_KEY_DIR are both "ext"; IFAPI_POLICY_PATH,
 * IFAPI_POLICY_DIR and IFAPI_JSON_TAG_POLICY are all "policy".
 */
62 #define IFAPI_POLICY_PATH "policy"
63 #define IFAPI_NV_PATH "nv"
64 #define IFAPI_EXT_PATH "ext"
65 #define IFAPI_FILE_DELIM "/"
66 #define IFAPI_LIST_DELIM ":"
67 #define IFAPI_FILE_DELIM_CHAR '/'
68 #define IFAPI_PUB_KEY_DIR "ext"
69 #define IFAPI_POLICY_DIR "policy"
70 #define IFAPI_PEM_PUBLIC_STRING "-----BEGIN PUBLIC KEY-----"
/*
 * NOTE(review): unlike IFAPI_PEM_PUBLIC_STRING this literal carries no
 * "BEGIN", so it is not a complete PEM armor line. If callers use it to
 * recognise (and reject) private-key input by prefix or substring match,
 * real PEM private keys would not match it - confirm against the callers.
 */
71 #define IFAPI_PEM_PRIVATE_KEY "-----PRIVATE KEY-----"
72 #define IFAPI_JSON_TAG_POLICY "policy"
73 #define IFAPI_JSON_TAG_OBJECT_TYPE "objectType"
74 #define IFAPI_JSON_TAG_DUPLICATE "public_parent"
75 
/*
 * Access-mode selectors mapped onto the W_OK / R_OK constants from
 * <unistd.h>.
 * NOTE(review): if these end up in an access(2)-style pre-check, the result
 * can go stale before the file is actually opened; the open/read/write call
 * itself has to handle permission failures - confirm how callers use them.
 */
76 #define FAPI_WRITE W_OK
77 #define FAPI_READ R_OK
78 
/*
 * IFAPI_MAX_BUFFER_SIZE is the larger of TPM2_MAX_NV_BUFFER_SIZE and
 * TPM2_MAX_DIGEST_BUFFER, chosen at preprocessing time. It sizes the
 * fixed-length byte array of the FAPI TPM2B buffer type declared below.
 */
79 #if TPM2_MAX_NV_BUFFER_SIZE > TPM2_MAX_DIGEST_BUFFER
80 #define IFAPI_MAX_BUFFER_SIZE TPM2_MAX_NV_BUFFER_SIZE
81 #else
82 #define IFAPI_MAX_BUFFER_SIZE TPM2_MAX_DIGEST_BUFFER
83 #endif
84 
85 #define IFAPI_FLUSH_PARENT true
86 #define IFAPI_NOT_FLUSH_PARENT false
87 
88 /* Definition of FAPI buffer for TPM2B transmission */
89 typedef struct {
90  UINT16 size;
91  BYTE buffer[IFAPI_MAX_BUFFER_SIZE];
93 
/*
 * Release S through TYPE##_free() when it is not NULL, then set S to NULL so
 * the same variable cannot be freed or used again by accident.
 * (The name suggests OpenSSL objects, e.g. TYPE = BIO -> BIO_free - confirm.)
 *
 * S is evaluated several times and is assigned to, so it must be a plain
 * lvalue without side effects. The (void*) cast removes any type checking
 * between S and the TYPE##_free() parameter.
 * NOTE(review): the expansion is a bare if-block, not do { } while (0); an
 * `else` written after an unbraced use would bind to this `if`.
 */
94 #define OSSL_FREE(S,TYPE) if((S) != NULL) {TYPE##_free((void*) (S)); (S)=NULL;}
95 
96 
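/*
 * Copy a digest of src_size bytes from src into dest_buffer and store the
 * length in dest_size.
 *
 * A src_size larger than sizeof(TPMU_HA) is rejected through return_error()
 * with TSS2_FAPI_RC_BAD_VALUE (return_error is defined outside this file;
 * presumably it logs and returns from the enclosing function - confirm).
 * The check bounds the copy by the largest digest union, not by the real
 * capacity of dest_buffer, so the destination must hold at least
 * sizeof(TPMU_HA) bytes.
 *
 * The statements are wrapped in do { } while (0): without the wrapper an
 * unbraced `if (cond) FAPI_COPY_DIGEST(...);` would guard only the size
 * check and run the memcpy and the size assignment unconditionally.
 * src_size is evaluated more than once and must not have side effects.
 */
#define FAPI_COPY_DIGEST(dest_buffer, dest_size, src, src_size) \
    do { \
        if ((src_size) > sizeof(TPMU_HA)) { \
            return_error(TSS2_FAPI_RC_BAD_VALUE, "Digest size too large."); \
        } \
        memcpy((dest_buffer), (src), (src_size)); \
        (dest_size) = (src_size); \
    } while (0)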
103 
/*
 * Marshal OBJECT with Tss2_MU_<TYPE>_Marshal() into a local buffer of
 * sizeof(TYPE) bytes and feed the marshalled bytes (`offset` of them) to
 * ifapi_crypto_hash_update() on CONTEXT.
 *
 * R receives the return code of each call; goto_if_error() (defined outside
 * this file) is given LABEL as the target for a failing step.
 * The expansion is a braced block, so `buffer` and `offset` are local to it.
 * NOTE(review): the marshalled copy is left in the stack buffer when the
 * block ends; this matters only if OBJECT carries secret material.
 */
104 #define HASH_UPDATE(CONTEXT, TYPE, OBJECT, R, LABEL) \
105  { \
106  uint8_t buffer[sizeof(TYPE)]; \
107  size_t offset = 0; \
108  R = Tss2_MU_ ## TYPE ## _Marshal(OBJECT, \
109  &buffer[0], sizeof(TYPE), &offset); \
110  goto_if_error(R, "Marshal for hash update", LABEL); \
111  R = ifapi_crypto_hash_update(CONTEXT, \
112  (const uint8_t *) &buffer[0], \
113  offset); \
114  goto_if_error(R, "crypto hash update", LABEL); }
115 
/*
 * Feed SIZE bytes starting at BUFFER to ifapi_crypto_hash_update() on
 * CONTEXT, store the result in R and hand R to goto_if_error() with LABEL.
 *
 * SIZE is passed through unchecked; the caller is responsible for it not
 * exceeding the storage behind BUFFER.
 * NOTE(review): the expansion is two statements and already ends in ';'.
 * Used as the body of an unbraced `if`, only the hash update would be
 * conditional and the goto_if_error() check would run on whatever R holds.
 */
116 #define HASH_UPDATE_BUFFER(CONTEXT, BUFFER, SIZE, R, LABEL) \
117  R = ifapi_crypto_hash_update(CONTEXT, \
118  (const uint8_t *) BUFFER, SIZE) ; \
119  goto_if_error(R, "crypto hash update", LABEL);
120 
/*
 * Evaluate the return code r of a step in an asynchronous operation.
 *
 * - base_rc(r) == TSS2_BASE_RC_TRY_AGAIN: return TSS2_FAPI_RC_TRY_AGAIN from
 *   the enclosing function immediately. This path does not jump to `label`,
 *   so whatever cleanup lives there is skipped on purpose or by accident -
 *   state needed for the retry has to stay valid.
 * - any other value different from TSS2_RC_SUCCESS: log it with LOG_ERROR()
 *   and jump to `label`.
 *
 * msg is concatenated with TPM2_ERROR_FORMAT by the preprocessor, so it has
 * to be a string literal; the optional arguments fill its conversions.
 * r is evaluated more than once.
 * NOTE(review): the expansion is two bare `if` statements, not
 * do { } while (0); inside an unbraced if/else only the first one is
 * governed by the outer condition.
 */
121 #define FAPI_SYNC(r,msg,label, ...) \
122  if (base_rc(r) == TSS2_BASE_RC_TRY_AGAIN) \
123  return TSS2_FAPI_RC_TRY_AGAIN; \
124  if (r != TSS2_RC_SUCCESS) { \
125  LOG_ERROR(TPM2_ERROR_FORMAT " " msg, TPM2_ERROR_TEXT(r), ## __VA_ARGS__); \
126  goto label; \
127  }
128 
130 enum IFAPI_GET_CERT_STATE {
131  GET_CERT_INIT = 0,
132  GET_CERT_WAIT_FOR_GET_CAP,
133  GET_CERT_GET_CERT_NV,
134  GET_CERT_GET_CERT_NV_FINISH,
135  GET_CERT_GET_CERT_READ_PUBLIC,
136  GET_CERT_GET_CERT_READ_HIERARCHY,
137  GET_CERT_READ_CERT
138 };
139 
141 enum IFAPI_CLEANUP_STATE {
142  CLEANUP_INIT = 0,
143  CLEANUP_SESSION1,
144  CLEANUP_SESSION2,
145  CLEANUP_SRK
146 };
147 
149 enum IFAPI_READ_NV_PUBLIC_STATE {
150  READ_NV_PUBLIC_INIT = 0,
151  READ_NV_PUBLIC_GET_ESYS_TR,
152  READ_NV_PUBLIC_GET_PUBLIC
153 };
154 
155 #define IFAPI_MAX_CAP_INFO 17
156 
157 typedef struct {
158  char *description;
159  TPMS_CAPABILITY_DATA *capability;
161 
162 typedef struct {
163  char *fapi_version;
165  IFAPI_CAP_INFO cap[IFAPI_MAX_CAP_INFO];
166 } IFAPI_INFO;
167 
170 typedef struct {
171  TPMI_YES_NO system;
173  TPMI_YES_NO persistent;
175  TPM2B_PUBLIC public;
177 
180 typedef struct {
181  TPMI_YES_NO system;
183  TPMI_RH_HIERARCHY hierarchy;
184  char *description;
185  TPMS_NV_PUBLIC public;
187 
190 typedef struct {
191  TPMT_SIG_SCHEME sig_scheme;
192  TPMS_ATTEST attest;
194 
195 
/*
 * State values for the nv_read_state field of IFAPI_NV_Cmds.
 * NV_READ_INIT is 0, so a zero-initialised command structure starts there.
 * NOTE(review): a tag beginning with '_' followed by an upper-case letter is
 * an identifier reserved for the implementation in C.
 */
197 enum _FAPI_STATE_NV_READ {
198  NV_READ_INIT = 0,
199  NV_READ_AUTHORIZE,
200  NV_READ_AUTHORIZE2,
201  NV_READ_AUTH_SENT,
202  NV_READ_CHECK_HANDLE,
203  NV_READ_GET_CAPABILITY,
204  NV_READ_GET_ESYS_HANDLE,
205  NV_READ_GET_NV_PUBLIC
206 };
207 
/*
 * State values for the nv_write_state field of IFAPI_NV_Cmds.
 * NV2_WRITE_INIT is 0, so a zero-initialised command structure starts there.
 * NOTE(review): NV2_WRITE_WAIT_FOR_SESSSION is spelled with three 'S'; the
 * name is kept because code outside this file may refer to it.
 */
209 enum _FAPI_STATE_NV_WRITE {
210  NV2_WRITE_INIT = 0,
211  NV2_WRITE_READ,
212  NV2_WRITE_WAIT_FOR_SESSSION,
213  NV2_WRITE_NULL_AUTH_SENT,
214  NV2_WRITE_AUTH_SENT,
215  NV2_WRITE_WRITE_PREPARE,
216  NV2_WRITE_WRITE,
217  NV2_WRITE_AUTHORIZE,
218  NV2_WRITE_AUTHORIZE2
219 };
220 
223 typedef struct {
224  char *nvPath ;
225  char *policyPath;
226  TPM2B_NV_PUBLIC public;
229  TPM2_HANDLE tpm_handle;
230  size_t numBytes;
231  UINT16 bytesRequested;
232  UINT16 offset;
233  size_t data_idx;
234  const uint8_t *data;
235  uint8_t *rdata;
236  size_t size;
239  TPM2B_AUTH auth;
242  uint64_t bitmap;
243  IFAPI_NV_TEMPLATE public_templ;
245  enum _FAPI_STATE_NV_READ nv_read_state;
246  enum _FAPI_STATE_NV_WRITE nv_write_state;
247  uint8_t *write_data;
248  char *logData;
249  json_object *jso_event_log;
250  TPMI_RH_NV_INDEX maxNvIndex;
252  TPML_DIGEST_VALUES digests;
254 } IFAPI_NV_Cmds;
255 
258 typedef struct {
259  TPMS_CAPABILITY_DATA *capability; /* TPM capability data to check available algs */
260  char **pathlist;
261  size_t numPaths;
264  size_t primary_idx;
265  size_t path_idx;
268 
271 typedef struct {
272  TPML_DIGEST_VALUES digest_list;
273  TPML_DIGEST_VALUES *event_digests;
275  TPML_PCR_SELECTION pcr_selection;
276  TPML_PCR_SELECTION *pcr_selection_out;
277  UINT32 update_count;
278  TPML_DIGEST *pcrValues; /* The values returned by PCR_Read */
279  TPM2_HANDLE pcrIndex;
280  TPMI_ALG_HASH hashAlg;
281  const char *keyPath;
284  TPMS_CAPABILITY_DATA *capabilityData; /* TPM capability data to check available algs */
285  uint32_t *pcrList;
286  size_t pcrListSize;
287  TPM2B_DATA qualifyingData;
288  uint8_t const *eventData;
289  TPM2B_EVENT event;
290  size_t eventDataSize;
291  uint32_t const *hashAlgs;
292  uint32_t *hashAlgs2;
293  size_t numHashAlgs;
294  char const *quoteInfo;
295  TPM2B_ATTEST *tpm_quoted;
296  TPMT_SIGNATURE *tpm_signature;
297  uint8_t *signature;
298  size_t signatureSize;
299  char const *logData;
300  char *pcrLog;
301  IFAPI_EVENT pcr_event;
302  json_object *event_list;
303  FAPI_QUOTE_INFO fapi_quote_info;
304  uint8_t *pcrValue;
305  size_t pcrValueSize;
306  char *event_log_file;
307 } IFAPI_PCR;
308 
311 typedef struct {
312  char *description;
315  char *object_path;
316  json_object *jso;
317  char *jso_string;
319 
322 typedef struct {
323  size_t numBytes;
324  size_t idx;
325  UINT16 bytesRequested;
326  uint8_t *data;
327  uint8_t *ret_data;
329 
332 typedef struct {
333  const char *pem_cert;
334  char *pem_cert_dup;
335  const char *key_path;
339 
341 enum IFAPI_KEY_CREATE_STATE {
342  KEY_CREATE_INIT = 0,
343  KEY_CREATE_WAIT_FOR_SESSION,
344  KEY_CREATE_WAIT_FOR_PARENT,
345  KEY_CREATE_AUTH_SENT,
346  KEY_CREATE_WAIT_FOR_LOAD_AUTHORIZATION,
347  KEY_CREATE_WAIT_FOR_KEY,
348  KEY_CREATE_WAIT_FOR_HIERARCHY,
349  KEY_CREATE_AUTHORIZE_HIERARCHY,
350  KEY_CREATE_WAIT_FOR_EVICT_CONTROL,
351  KEY_CREATE_WRITE_PREPARE,
352  KEY_CREATE_WRITE,
353  KEY_CREATE_FLUSH1,
354  KEY_CREATE_FLUSH2,
355  KEY_CREATE_CALCULATE_POLICY,
356  KEY_CREATE_PRIMARY_CALCULATE_POLICY,
357  KEY_CREATE_WAIT_FOR_AUTHORIZATION,
358  KEY_CREATE_CLEANUP,
359  KEY_CREATE_WAIT_FOR_RANDOM,
360  KEY_CREATE_PRIMARY_INIT,
361  KEY_CREATE_PRIMARY_WAIT_FOR_SESSION,
362  KEY_CREATE_PRIMARY_WAIT_FOR_HIERARCHY,
363  KEY_CREATE_PRIMARY_WAIT_FOR_AUTHORIZE1,
364  KEY_CREATE_PRIMARY_WAIT_FOR_AUTHORIZE2,
365  KEY_CREATE_PRIMARY_WAIT_FOR_PRIMARY,
366  KEY_CREATE_PRIMARY_WAIT_FOR_EVICT_CONTROL,
367  KEY_CREATE_PRIMARY_FLUSH,
368  KEY_CREATE_PRIMARY_WRITE_PREPARE,
369  KEY_CREATE_PRIMARY_WRITE,
370  KEY_CREATE_PRIMARY_CLEANUP
371 };
372 
375 typedef struct {
376  enum IFAPI_KEY_CREATE_STATE state;
377  const char *keyPath;
382  TPM2B_PUBLIC public;
384  TPM2B_SENSITIVE_CREATE inSensitive;
385  TPM2B_DATA outsideInfo;
386  TPML_PCR_SELECTION creationPCR;
387  ESYS_TR handle;
388  const char *authValue;
389  const char *policyPath;
390  const IFAPI_PROFILE *profile;
394 
397 typedef struct {
398  char const *keyPath;
399  uint8_t const *in_data;
400  size_t in_dataSize;
403  size_t numBytes;
404  size_t decrypt;
405  UINT16 bytesRequested;
406  TPMT_RSA_DECRYPT rsa_scheme;
407  ESYS_TR object_handle;
408  char *policy_path;
409  ESYS_TR auth_session;
410  const IFAPI_PROFILE *profile;
411  uint8_t *plainText;
412  size_t plainTextSize;
413  uint8_t *cipherText;
414  size_t cipherTextSize;
416 
418 enum FAPI_SIGN_STATE {
419  SIGN_INIT = 0,
420  SIGN_WAIT_FOR_SESSION,
421  SIGN_WAIT_FOR_KEY,
422  SIGN_AUTH_SENT,
423  SIGN_WAIT_FOR_FLUSH
424 };
425 
428 typedef struct {
429  enum FAPI_SIGN_STATE state;
430  const char *keyPath;
432  TPM2B_DIGEST digest;
433  TPMT_SIG_SCHEME scheme;
435  TPMT_SIGNATURE *tpm_signature;
436  TPMI_YES_NO decrypt;
437  TPMT_SIGNATURE *signature;
438  char const *padding;
439  char *certificate;
440  uint8_t *ret_signature;
441  size_t signatureSize;
442  char *publicKey;
444 
447 typedef struct {
448  const char *keyPath;
450  TPM2B_SENSITIVE_DATA *unseal_data;
451 } IFAPI_Unseal;
452 
453 
456 typedef struct {
457  TPMS_CAPABILITY_DATA *capability_data;
458  TPMS_CAPABILITY_DATA *fetched_data;
459  size_t idx_info_cap;
460  IFAPI_INFO info_obj;
461  UINT32 property_count;
462  UINT32 property;
463 } IFAPI_GetInfo;
464 
/*
 * State values for the hierarchy_state field of the FAPI context.
 * NOTE(review): "HIERACHY" in the tag is a misspelling of "HIERARCHY"; the
 * tag is kept because the context structure declares a field with it.
 */
466 enum IFAPI_HIERACHY_AUTHORIZATION_STATE {
467  HIERARCHY_CHANGE_AUTH_INIT = 0,
468  HIERARCHY_CHANGE_AUTH_NULL_AUTH_SENT,
469  HIERARCHY_CHANGE_AUTH_AUTH_SENT
470 };
471 
/*
 * State values for the hierarchy_policy_state field of the FAPI context.
 * NOTE(review): "HIERACHY" in the tag is a misspelling of "HIERARCHY"; the
 * tag is kept because the context structure declares a field with it.
 */
473 enum IFAPI_HIERACHY_POLICY_AUTHORIZATION_STATE {
474  HIERARCHY_CHANGE_POLICY_INIT = 0,
475  HIERARCHY_CHANGE_POLICY_NULL_AUTH_SENT,
476  HIERARCHY_CHANGE_POLICY_AUTHORIZE,
477  HIERARCHY_CHANGE_POLICY_AUTH_SENT
478 };
479 
482 typedef struct {
483  const char *entityPath;
486  const char *authValue;
487  TPM2B_AUTH newAuthValue;
488  TPM2B_PRIVATE *newPrivate;
493  char **pathlist;
494  size_t numPaths;
497 
500 typedef struct {
501  const char *policyPath;
502  const char *signingKeyPath;
503  TPM2B_DIGEST policyRef;
504  TPMS_POLICYAUTHORIZATION authorization;
506 
509 typedef struct {
510  const char *policyPath;
511  TPMI_ALG_HASH *hash_alg;
512  size_t hash_size;
513  size_t digest_idx;
515 
518 typedef struct {
526  TPM2B_PUBLIC public;
527  char **pathlist;
528  size_t numPaths;
530  size_t hiearchy_idx;
531  size_t path_idx;
533  TPM2B_SENSITIVE_CREATE inSensitive;
534  TPM2B_DATA outsideInfo;
535  TPML_PCR_SELECTION creationPCR;
536  ESYS_TR handle;
537  const char *authValueLockout;
538  const char *authValueEh;
539  const char *policyPathEh;
540  const char *authValueSh;
541  const char *policyPathSh;
542  size_t digest_idx;
543  size_t hash_size;
544  TPM2_HANDLE cert_nv_idx;
545  TPM2B_NV_PUBLIC *nvPublic;
546  ESYS_TR esys_nv_cert_handle;
547  char *pem_cert;
548  TPM2_ALG_ID cert_key_type;
549  size_t cert_count;
550  size_t cert_idx;
551  TPMS_CAPABILITY_DATA *capabilityData;
552  IFAPI_OBJECT hierarchy_object;
553  TPM2B_AUTH hierarchy_auth;
554  TPM2B_DIGEST policy_digest;
555  char *intermed_crt;
556  char *root_crt;
557  TPMA_PERMANENT auth_state;
558  ESYS_TR srk_esys_handle;
559  ESYS_TR ek_esys_handle;
560  ESYS_TR srk_tpm_handle;
561  ESYS_TR ek_tpm_handle;
562  bool srk_exists;
563  TPM2_HANDLE template_nv_index;
564  TPM2_HANDLE nonce_nv_index;
566 
569 typedef struct {
570  char *path;
572  IFAPI_OBJECT pkey_object;
573  TPM2B_SENSITIVE_CREATE inSensitive;
574  TPM2B_DATA outsideInfo;
575  TPML_PCR_SELECTION creationPCR;
576  ESYS_TR handle;
577  TPMI_DH_PERSISTENT persistent_handle;
578  TPMS_CAPABILITY_DATA *capabilityData;
580 
583 typedef struct {
584  const char *keyPath;
585  uint8_t const *signature;
586  size_t signatureSize;
587  uint8_t const *digest;
588  size_t digestSize;
589  IFAPI_OBJECT key_object;
591 
593 enum IFAPI_STATE_POLICY {
594  POLICY_INIT = 0,
595  POLICY_READ,
596  POLICY_READ_FINISH,
597  POLICY_INSTANTIATE_PREPARE,
598  POLICY_INSTANTIATE,
599  POLICY_EXECUTE_PREPARE,
600  POLICY_EXECUTE,
601  POLICY_FLUSH
602 };
603 
606 
608 enum FAPI_CREATE_SESSION_STATE {
609  CREATE_SESSION_INIT = 0,
610  CREATE_SESSION,
611  WAIT_FOR_CREATE_SESSION
612 };
613 
616 typedef struct {
617  enum IFAPI_STATE_POLICY state;
618  struct TPMS_POLICY policy;
619  size_t digest_idx;
620  size_t hash_size;
621  char **pathlist;
622  TPMI_ALG_HASH hash_alg;
626  IFAPI_POLICYUTIL_STACK *util_current_policy;
633  enum FAPI_CREATE_SESSION_STATE create_session_state;
634  char *path;
637 
639 enum IFAPI_STATE_FILE_SEARCH {
640  FSEARCH_INIT = 0,
641  FSEARCH_READ,
642  FSEARCH_OBJECT
643 };
644 
647 typedef struct {
648  enum IFAPI_STATE_FILE_SEARCH state;
649  char **pathlist;
650  size_t path_idx;
651  size_t numPaths;
652  char *current_path;
654 
656 enum _FAPI_STATE_PREPARE_LOAD_KEY {
657  PREPARE_LOAD_KEY_INIT = 0,
658  PREPARE_LOAD_KEY_WAIT_FOR_SESSION,
659  PREPARE_LOAD_KEY_INIT_KEY,
660  PREPARE_LOAD_KEY_WAIT_FOR_KEY
661 };
662 
664 enum _FAPI_STATE_LOAD_KEY {
665  LOAD_KEY_GET_PATH = 0,
666  LOAD_KEY_READ_KEY,
667  LOAD_KEY_WAIT_FOR_PRIMARY,
668  LOAD_KEY_LOAD_KEY,
669  LOAD_KEY_AUTH,
670  LOAD_KEY_AUTHORIZE
671 };
672 
675 typedef struct {
676  char const *pathOfKeyToDuplicate;
678  TPM2B_PUBLIC public_parent;
683  struct TPMS_POLICY policy;
684  ESYS_TR handle_ext_key;
685  char *exportedData;
687 
690 typedef struct {
691  char const *path;
695  TPMI_ALG_HASH hashAlg;
696  size_t profile_idx;
701 
704 typedef struct {
705  IFAPI_OBJECT object;
706  TPM2B_NAME parent_name;
707  IFAPI_OBJECT *parent_object;
708  IFAPI_OBJECT new_object;
709  char *parent_path;
710  char *out_path;
711  TPM2B_PRIVATE *private;
712  char *jso_string;
713  const IFAPI_PROFILE *profile;
715 
716 
719 typedef struct {
720  enum _FAPI_STATE_LOAD_KEY state;
721  enum _FAPI_STATE_PREPARE_LOAD_KEY prepare_state;
723  NODE_OBJECT_T *key_list;
724  IFAPI_OBJECT auth_object;
725  size_t position;
726  ESYS_TR handle;
727  ESYS_TR parent_handle;
728  bool parent_handle_persistent;
729  IFAPI_OBJECT *key_object;
730  char *key_path;
731  char const *path;
732 } IFAPI_LoadKey;
733 
736 typedef struct {
737  bool is_key;
739  ESYS_TR new_object_handle;
740  TPM2_HANDLE permanentHandle;
743  char *path;
745  char **pathlist;
746  size_t numPaths;
747  size_t path_idx;
749 
752 typedef struct {
753  uint8_t type;
754  uint8_t *data;
755  size_t length;
756  bool is_key;
758  ESYS_TR new_object_handle;
759  TPM2_HANDLE permanentHandle;
762  char *path;
766 
769 typedef struct {
770  const char *searchPath;
772 
778 typedef union {
779  IFAPI_Provision Provision;
780  IFAPI_Key_Create Key_Create;
781  IFAPI_Key_SetCertificate Key_SetCertificate;
782  IFAPI_Entity_ChangeAuth Entity_ChangeAuth;
783  IFAPI_Entity_Delete Entity_Delete;
784  IFAPI_GetEsysBlob GetEsysBlob;
785  IFAPI_Entities_List Entities_List;
786  IFAPI_Key_VerifySignature Key_VerifySignature;
787  IFAPI_Data_EncryptDecrypt Data_EncryptDecrypt;
788  IFAPI_PCR pcr;
789  IFAPI_INITIALIZE Initialize;
790  IFAPI_Path_SetDescription path_set_info;
791  IFAPI_Fapi_AuthorizePolicy Policy_AuthorizeNewPolicy;
792  IFAPI_api_WriteAuthorizeNv WriteAuthorizeNV;
793  IFAPI_ExportKey ExportKey;
794  IFAPI_ImportKey ImportKey;
795  IFAPI_Unseal Unseal;
796  IFAPI_GetInfo GetInfo;
797  IFAPI_ExportPolicy ExportPolicy;
799 
801 enum _FAPI_STATE_PRIMARY {
802  PRIMARY_INIT = 0,
803  PRIMARY_READ_KEY,
804  PRIMARY_READ_HIERARCHY,
805  PRIMARY_READ_HIERARCHY_FINISH,
806  PRIMARY_AUTHORIZE_HIERARCHY,
807  PRIMARY_GET_AUTH_VALUE,
808  PRIMARY_WAIT_FOR_PRIMARY,
809  PRIMARY_HAUTH_SENT,
810  PRIMARY_CREATED,
811  PRIMARY_VERIFY_PERSISTENT,
812  PRIMARY_GET_CAP
813 };
814 
816 enum _FAPI_STATE_SESSION {
817  SESSION_INIT = 0,
818  SESSION_WAIT_FOR_PRIMARY,
819  SESSION_CREATE_SESSION,
820  SESSION_WAIT_FOR_SESSION1,
821  SESSION_WAIT_FOR_SESSION2
822 };
823 
825 enum _FAPI_STATE_GET_RANDOM {
826  GET_RANDOM_INIT = 0,
827  GET_RANDOM_SENT
828 };
829 
831 enum _FAPI_FLUSH_STATE {
832  FLUSH_INIT = 0,
833  WAIT_FOR_FLUSH
834 };
835 
837 enum _FAPI_STATE {
838  _FAPI_STATE_INIT = 0,
841  _FAPI_STATE_INTERNALERROR,
843  INITIALIZE_READ,
844  INITIALIZE_INIT_TCTI,
845  INITIALIZE_GET_CAP,
846  INITIALIZE_WAIT_FOR_CAP,
847  INITIALIZE_READ_PROFILE,
848  INITIALIZE_READ_PROFILE_INIT,
849  INITIALIZE_READ_TIME,
850  INITIALIZE_CHECK_NULL_PRIMARY,
851  INITIALIZE_READ_NULL_PRIMARY,
852  PROVISION_WAIT_FOR_GET_CAP_AUTH_STATE,
853  PROVISION_WAIT_FOR_GET_CAP0,
854  PROVISION_WAIT_FOR_GET_CAP1,
855  PROVISION_INIT_GET_CAP2,
856  PROVISION_WAIT_FOR_GET_CAP2,
857  PROVISION_GET_CERT_NV,
858  PROVISION_GET_CERT_NV_FINISH,
859  PROVISION_GET_CERT_READ_PUBLIC,
860  PROVISION_READ_CERT,
861  PROVISION_PREPARE_READ_ROOT_CERT,
862  PROVISION_READ_ROOT_CERT,
863  PROVISION_PREPARE_READ_INT_CERT,
864  PROVISION_READ_INT_CERT,
865  PROVISION_INIT,
866  PROVISION_INIT_SRK,
867  PROVISION_WAIT_FOR_EK_SESSION,
868  PROVISION_WAIT_FOR_SRK_SESSION,
869  PROVISION_AUTH_EK_NO_AUTH_SENT,
870  PROVISION_AUTH_EK_AUTH_SENT,
871  PROVISION_AUTH_SRK_NO_AUTH_SENT,
872  PROVISION_AUTH_SRK_AUTH_SENT,
873  PROVISION_CLEAN_EK_SESSION,
874  PROVISION_CLEAN_SRK_SESSION,
875  PROVISION_EK_WRITE_PREPARE,
876  PROVISION_EK_WRITE,
877  PROVISION_EK_CHECK_CERT,
878  PROVISION_SRK_WRITE_PREPARE,
879  PROVISION_SRK_WRITE,
880  PROVISION_WAIT_FOR_EK_PERSISTENT,
881  PROVISION_WAIT_FOR_SRK_PERSISTENT,
882  PROVISION_CHANGE_LOCKOUT_AUTH,
883  PROVISION_CHANGE_EH_CHECK,
884  PROVISION_CHANGE_EH_AUTH,
885  PROVISION_CHANGE_SH_CHECK,
886  PROVISION_CHANGE_SH_AUTH,
887  PROVISION_EH_CHANGE_POLICY,
888  PROVISION_SH_CHANGE_POLICY,
889  PROVISION_LOCKOUT_CHANGE_POLICY,
890  PROVISION_FINISHED,
891  PROVISION_WRITE_SH,
892  PROVISION_WRITE_EH,
893  PROVISION_PREPARE_NULL,
894  PROVISION_WRITE_NULL,
895  PROVISION_WRITE_LOCKOUT,
896  PROVISION_WRITE_LOCKOUT_PARAM,
897  PROVISION_PREPARE_LOCKOUT_PARAM,
898  PROVISION_AUTHORIZE_LOCKOUT,
899  PROVISION_FLUSH_SRK,
900  PROVISION_FLUSH_EK,
901  PROVISION_CHECK_FOR_VENDOR_CERT,
902  PROVISION_GET_VENDOR,
903  PROVISION_GET_HIERARCHIES,
904  PROVISION_READ_HIERARCHIES,
905  PROVISION_READ_HIERARCHY,
906  PROVISION_WRITE_HIERARCHIES,
907  PROVISION_WRITE_HIERARCHY,
908  PROVISION_PREPARE_GET_CAP_AUTH_STATE,
909  PROVISION_SRK_GET_PERSISTENT_NAME,
910  PROVISION_CHECK_SRK_EVICT_CONTROL,
911  PROVISION_AUTHORIZE_HS_FOR_EK_EVICT,
912  PROVISION_PREPARE_EK_EVICT,
913  PROVISION_READ_EK_TEMPLATE,
914  PROVISION_READ_EK_NONCE,
915 
916  KEY_CREATE,
917  KEY_CREATE_PRIMARY,
918 
919  CREATE_SEAL,
920 
921  KEY_SET_CERTIFICATE_READ,
922  KEY_SET_CERTIFICATE_WRITE,
923 
924  KEY_GET_CERTIFICATE_READ,
925 
926  GET_RANDOM_WAIT_FOR_SESSION,
927  GET_RANDOM_WAIT_FOR_RANDOM,
928  GET_RANDOM_CLEANUP,
929 
930  NV_CREATE_READ_PROFILE,
931  NV_CREATE_READ_HIERARCHY,
932  NV_CREATE_AUTHORIZE_HIERARCHY,
933  NV_CREATE_GET_INDEX,
934  NV_CREATE_FIND_INDEX,
935  NV_CREATE_WAIT_FOR_SESSION,
936 
937  NV_CREATE_AUTH_SENT,
938  NV_CREATE_WRITE,
939  NV_CREATE_CALCULATE_POLICY,
940 
941  NV_WRITE_READ,
942  NV_WRITE_WRITE,
943  NV_WRITE_CLEANUP,
944 
945  NV_EXTEND_READ,
946  NV_EXTEND_WAIT_FOR_SESSION,
947  NV_EXTEND_AUTHORIZE,
948  NV_EXTEND_AUTH_SENT,
949  NV_EXTEND_WRITE,
950  NV_EXTEND_CLEANUP,
951 
952  NV_INCREMENT_READ,
953  NV_INCREMENT_WAIT_FOR_SESSION,
954  NV_INCREMENT_AUTHORIZE,
955  NV_INCREMENT_AUTH_SENT,
956  NV_INCREMENT_WRITE,
957  NV_INCREMENT_CLEANUP,
958 
959  NV_SET_BITS_READ,
960  NV_SET_BITS_WAIT_FOR_SESSION,
961  NV_SET_BITS_AUTHORIZE,
962  NV_SET_BITS_AUTH_SENT,
963  NV_SET_BITS_WRITE,
964  NV_SET_BITS_CLEANUP,
965 
966  NV_READ_READ,
967  NV_READ_WAIT,
968  NV_READ_WAIT_FOR_SESSION,
969  NV_READ_CLEANUP,
970 
971  ENTITY_DELETE_GET_FILE,
972  ENTITY_DELETE_READ,
973  ENTITY_DELETE_WAIT_FOR_SESSION,
974  ENTITY_DELETE_NULL_AUTH_SENT_FOR_KEY,
975  ENTITY_DELETE_AUTH_SENT_FOR_KEY,
976  ENTITY_DELETE_NULL_AUTH_SENT_FOR_NV,
977  ENTITY_DELETE_AUTH_SENT_FOR_NV,
978  ENTITY_DELETE_KEY,
979  ENTITY_DELETE_KEY_WAIT_FOR_HIERARCHY,
980  ENTITY_DELETE_KEY_WAIT_FOR_AUTHORIZATION,
981  ENTITY_DELETE_AUTHORIZE_NV,
982  ENTITY_DELETE_FILE,
983  ENTITY_DELETE_POLICY,
984  ENTITY_DELETE_REMOVE_DIRS,
985  ENTITY_DELETE_CLEANUP,
986  ENTITY_DELETE_READ_HIERARCHY,
987 
988  GET_ESYS_BLOB_GET_FILE,
989  GET_ESYS_BLOB_READ,
990  GET_ESYS_BLOB_NULL_AUTH_SENT_FOR_KEY,
991  GET_ESYS_BLOB_AUTH_SENT_FOR_KEY,
992  GET_ESYS_BLOB_NULL_AUTH_SENT_FOR_NV,
993  GET_ESYS_BLOB_AUTH_SENT_FOR_NV,
994  GET_ESYS_BLOB_KEY,
995  GET_ESYS_BLOB_WAIT_FOR_KEY,
996  GET_ESYS_BLOB_WAIT_FOR_CONTEXT_SAVE,
997  GET_ESYS_BLOB_SERIALIZE,
998  GET_ESYS_BLOB_FILE,
999  GET_ESYS_BLOB_WAIT_FOR_FLUSH,
1000  GET_ESYS_BLOB_CLEANUP,
1001 
1002  ENTITY_GET_TPM_BLOBS_READ,
1003 
1004  KEY_SIGN_WAIT_FOR_KEY,
1005  KEY_SIGN_WAIT_FOR_SIGN,
1006  KEY_SIGN_CLEANUP,
1007 
1008  ENTITY_CHANGE_AUTH_WAIT_FOR_SESSION,
1009  ENTITY_CHANGE_AUTH_WAIT_FOR_KEY,
1010  ENTITY_CHANGE_AUTH_AUTH_SENT,
1011  ENTITY_CHANGE_AUTH_WAIT_FOR_FLUSH,
1012  ENTITY_CHANGE_AUTH_WRITE_PREPARE,
1013  ENTITY_CHANGE_AUTH_WRITE,
1014  ENTITY_CHANGE_AUTH_WAIT_FOR_KEY_AUTH,
1015  ENTITY_CHANGE_AUTH_WAIT_FOR_NV_READ,
1016  ENTITY_CHANGE_AUTH_WAIT_FOR_NV_AUTH,
1017  ENTITY_CHANGE_AUTH_WAIT_FOR_NV_CHANGE_AUTH,
1018  ENTITY_CHANGE_AUTH_HIERARCHY_CHANGE_AUTH,
1019  ENTITY_CHANGE_AUTH_HIERARCHY_READ,
1020  ENTITY_CHANGE_AUTH_HIERARCHY_AUTHORIZE,
1021  ENTITY_CHANGE_AUTH_SAVE_HIERARCHIES_PREPARE,
1022  ENTITY_CHANGE_AUTH_SAVE_HIERARCHIES_FINISH,
1023  ENTITY_CHANGE_AUTH_CLEANUP,
1024 
1025  DATA_ENCRYPT_WAIT_FOR_PROFILE,
1026  DATA_ENCRYPT_WAIT_FOR_SESSION,
1027  DATA_ENCRYPT_WAIT_FOR_KEY,
1028  DATA_ENCRYPT_WAIT_FOR_FLUSH,
1029  DATA_ENCRYPT_WAIT_FOR_RSA_ENCRYPTION,
1030  DATA_ENCRYPT_CLEAN,
1031 
1032  DATA_DECRYPT_WAIT_FOR_PROFILE,
1033  DATA_DECRYPT_WAIT_FOR_SESSION,
1034  DATA_DECRYPT_WAIT_FOR_KEY,
1035  DATA_DECRYPT_WAIT_FOR_FLUSH,
1036  DATA_DECRYPT_WAIT_FOR_RSA_DECRYPTION,
1037  DATA_DECRYPT_AUTHORIZE_KEY,
1038  DATA_DECRYPT_CLEANUP,
1039 
1040  PCR_EXTEND_WAIT_FOR_SESSION,
1041  PCR_EXTEND_WAIT_FOR_GET_CAP,
1042  PCR_EXTEND_READ_EVENT_LOG,
1043  PCR_EXTEND_APPEND_EVENT_LOG,
1044  PCR_EXTEND_FINISH,
1045  PCR_EXTEND_CLEANUP,
1046 
1047  PCR_READ_READ_PCR,
1048  PCR_READ_READ_EVENT_LIST,
1049 
1050  PCR_QUOTE_WAIT_FOR_GET_CAP,
1051  PCR_QUOTE_WAIT_FOR_SESSION,
1052  PCR_QUOTE_WAIT_FOR_KEY,
1053  PCR_QUOTE_AUTH_SENT,
1054  PCR_QUOTE_AUTHORIZE,
1055  PCR_QUOTE_WAIT_FOR_FLUSH,
1056  PCR_QUOTE_READ_EVENT_LIST,
1057  PCR_QUOTE_CLEANUP,
1058 
1059  PATH_SET_DESCRIPTION_READ,
1060  PATH_SET_DESCRIPTION_WRITE,
1061 
1062  PATH_GET_DESCRIPTION_READ,
1063 
1064  APP_DATA_SET_READ,
1065  APP_DATA_SET_WRITE,
1066 
1067  AUTHORIZE_NEW_CALCULATE_POLICY,
1068  AUTHORIZE_NEW_LOAD_KEY,
1069  AUTHORIZE_NEW_KEY_SIGN_POLICY,
1070  AUTHORIZE_NEW_WRITE_POLICY_PREPARE,
1071  AUTHORIZE_NEW_WRITE_POLICY,
1072  AUTHORIZE_NEW_CLEANUP,
1073 
1074  WRITE_AUTHORIZE_NV_READ_NV,
1075  WRITE_AUTHORIZE_NV_CALCULATE_POLICY,
1076  WRITE_AUTHORIZE_NV_WRITE_NV_RAM_PREPARE,
1077  WRITE_AUTHORIZE_NV_WRITE_NV_RAM,
1078  WRITE_AUTHORIZE_NV_WRITE_OBJCECT,
1079  WRITE_AUTHORIZE_NV_WRITE_POLICY_PREPARE,
1080  WRITE_AUTHORIZE_NV_WRITE_POLICY,
1081  WRITE_AUTHORIZE_NV_CLEANUP,
1082 
1083  EXPORT_KEY_READ_PUB_KEY,
1084  EXPORT_KEY_READ_PUB_KEY_PARENT,
1085  EXPORT_KEY_WAIT_FOR_KEY,
1086  EXPORT_KEY_WAIT_FOR_DUPLICATE,
1087  EXPORT_KEY_WAIT_FOR_EXT_KEY,
1088  EXPORT_KEY_WAIT_FOR_AUTHORIZATON,
1089  EXPORT_KEY_WAIT_FOR_FLUSH1,
1090  EXPORT_KEY_WAIT_FOR_FLUSH2,
1091  EXPORT_KEY_CLEANUP,
1092 
1093  IMPORT_KEY_WRITE_POLICY,
1094  IMPORT_KEY_WRITE,
1095  IMPORT_KEY_SEARCH,
1096  IMPORT_KEY_LOAD_PARENT,
1097  IMPORT_KEY_AUTHORIZE_PARENT,
1098  IMPORT_KEY_IMPORT,
1099  IMPORT_KEY_WAIT_FOR_FLUSH,
1100  IMPORT_KEY_WRITE_OBJECT_PREPARE,
1101  IMPORT_KEY_WRITE_OBJECT,
1102  IMPORT_KEY_CLEANUP,
1103  IMPORT_WAIT_FOR_SESSION,
1104  IMPORT_WAIT_FOR_PARENT,
1105  IMPORT_WAIT_FOR_AUTHORIZATION,
1106  IMPORT_WAIT_FOR_KEY,
1107  IMPORT_WRITE,
1108  IMPORT_FLUSH_PARENT,
1109  IMPORT_FLUSH_KEY,
1110  IMPORT_CLEANUP,
1111 
1112  UNSEAL_WAIT_FOR_KEY,
1113  UNSEAL_AUTHORIZE_OBJECT,
1114  UNSEAL_WAIT_FOR_UNSEAL,
1115  UNSEAL_WAIT_FOR_FLUSH,
1116  UNSEAL_CLEANUP,
1117 
1118  GET_PLATFORM_CERTIFICATE,
1119 
1120  POLICY_EXPORT_READ_OBJECT,
1121  POLICY_EXPORT_READ_OBJECT_FINISH,
1122  POLICY_EXPORT_READ_POLICY,
1123  POLICY_EXPORT_READ_POLICY_FINISH,
1124  POLICY_EXPORT_CHECK_DIGEST,
1125  POLICY_EXPORT_COMPUTE_POLICY_DIGEST,
1126 
1127  VERIFY_QUOTE_READ,
1128 
1129  GET_INFO_GET_CAP,
1130  GET_INFO_GET_CAP_MORE,
1131  GET_INFO_WAIT_FOR_CAP
1132 };
1133 
1141  Fapi_CB_Auth auth;
1142  void *authData;
1143  Fapi_CB_Branch branch;
1144  void *branchData;
1145  Fapi_CB_Sign sign;
1146  void *signData;
1147  Fapi_CB_PolicyAction action;
1148  void *actionData;
1149 };
1150 
1160  struct IFAPI_CALLBACKS callbacks;
1161  struct IFAPI_IO io;
1162  struct IFAPI_EVENTLOG eventlog;
1163  struct IFAPI_KEYSTORE keystore;
1164  struct IFAPI_POLICY_STORE pstore;
1165  struct IFAPI_PROFILES profiles;
1166  TPMS_TIME_INFO init_time;
1168  enum _FAPI_STATE state;
1169  enum _FAPI_STATE_PRIMARY primary_state;
1170  enum _FAPI_STATE_SESSION session_state;
1171  enum _FAPI_STATE_GET_RANDOM get_random_state;
1172  enum IFAPI_HIERACHY_AUTHORIZATION_STATE hierarchy_state;
1173  enum IFAPI_HIERACHY_POLICY_AUTHORIZATION_STATE hierarchy_policy_state;
1174  enum IFAPI_GET_CERT_STATE get_cert_state;
1175  enum _FAPI_FLUSH_STATE flush_object_state;
1176  enum IFAPI_CLEANUP_STATE cleanup_state;
1177  enum IFAPI_READ_NV_PUBLIC_STATE read_nv_public_state;
1179  UINT32 nv_buffer_max;
1182  IFAPI_NV_Cmds nv_cmd;
1183  IFAPI_GetRandom get_random;
1184  IFAPI_CreatePrimary createPrimary;
1185  IFAPI_LoadKey loadKey;
1189  ESYS_TR ek_handle;
1190  ESYS_TR srk_handle;
1191  TPMI_DH_PERSISTENT ek_persistent;
1192  TPMI_DH_PERSISTENT srk_persistent;
1193  IFAPI_SESSION_TYPE session_flags;
1194  TPMA_SESSION session1_attribute_flags;
1195  TPMA_SESSION session2_attribute_flags;
1200  enum IFAPI_IO_STATE io_state;
1201  NODE_OBJECT_T *object_list;
1203  IFAPI_OBJECT *current_auth_object;
1204 };
1205 
/*
 * Vendor identifiers: four ASCII bytes packed into a 32-bit value
 * ("IFX\0", "INTC", "IBM "). Presumably compared with the manufacturer
 * property reported by the TPM - confirm against the callers.
 */
1206 #define VENDOR_IFX 0x49465800
1207 #define VENDOR_INTC 0x494E5443
/* NOTE(review): "VEDNOR" is a misspelling of "VENDOR"; the name is kept
 * because code outside this file may refer to it. */
1208 #define VEDNOR_IBM 0x49424D20
1209 
1210 #endif /* FAPI_INT_H */
const char * pem_cert
Definition: fapi_int.h:333
IFAPI_OBJECT key_object
Definition: fapi_int.h:337
Definition: fapi_int.h:428
IFAPI_OBJECT * key_object
Definition: fapi_int.h:434
uint8_t * ret_signature
Definition: fapi_int.h:440
TPM2B_DIGEST digest
Definition: fapi_int.h:432
TPMT_SIG_SCHEME scheme
Definition: fapi_int.h:433
char const * padding
Definition: fapi_int.h:438
TPMT_SIGNATURE * tpm_signature
Definition: fapi_int.h:435
TPMT_SIGNATURE * signature
Definition: fapi_int.h:437
char * certificate
Definition: fapi_int.h:439
ESYS_TR handle
Definition: fapi_int.h:431
char * publicKey
Definition: fapi_int.h:442
const char * keyPath
Definition: fapi_int.h:430
TPMI_YES_NO decrypt
Definition: fapi_int.h:436
Definition: fapi_int.h:583
Definition: fapi_int.h:719
NODE_STR_T * path_list
Definition: fapi_int.h:722
Definition: fapi_int.h:89
Definition: fapi_int.h:223
UINT16 bytesRequested
Definition: fapi_int.h:231
TPML_DIGEST_VALUES digests
Definition: fapi_int.h:252
ESYS_TR esys_auth_handle
Definition: fapi_int.h:227
IFAPI_EVENT pcr_event
Definition: fapi_int.h:251
bool skip_policy_computation
Definition: fapi_int.h:253
size_t data_idx
Definition: fapi_int.h:233
char * policyPath
Definition: fapi_int.h:225
const uint8_t * data
Definition: fapi_int.h:234
json_object * jso_event_log
Definition: fapi_int.h:249
ESYS_TR esys_handle
Definition: fapi_int.h:228
size_t size
Definition: fapi_int.h:236
char * nvPath
Definition: fapi_int.h:224
TPM2B_AUTH auth
Definition: fapi_int.h:239
uint64_t bitmap
Definition: fapi_int.h:242
size_t numBytes
Definition: fapi_int.h:230
uint8_t * rdata
Definition: fapi_int.h:235
IFAPI_OBJECT auth_object
Definition: fapi_int.h:237
IFAPI_OBJECT nv_object
Definition: fapi_int.h:238
char * logData
Definition: fapi_int.h:248
TPMI_RH_NV_INDEX maxNvIndex
Definition: fapi_int.h:250
UINT16 offset
Definition: fapi_int.h:232
TPM2_HANDLE tpm_handle
Definition: fapi_int.h:229
IFAPI_NV nv_obj
Definition: fapi_int.h:240
ESYS_TR auth_index
Definition: fapi_int.h:241
Definition: fapi_int.h:180
TPMI_YES_NO system
Definition: fapi_int.h:181
TPMI_RH_HIERARCHY hierarchy
Definition: fapi_int.h:183
char * description
Definition: fapi_int.h:184
Definition: ifapi_keystore.h:72
Definition: fapi_int.h:271
IFAPI_OBJECT * key_object
Definition: fapi_int.h:283
ESYS_TR PCR
Definition: fapi_int.h:274
TPM2B_DATA qualifyingData
Definition: fapi_int.h:287
size_t pcrListSize
Definition: fapi_int.h:286
TPML_PCR_SELECTION pcr_selection
Definition: fapi_int.h:275
TPML_DIGEST_VALUES * event_digests
Definition: fapi_int.h:273
ESYS_TR handle
Definition: fapi_int.h:282
TPML_DIGEST_VALUES digest_list
Definition: fapi_int.h:272
TPML_PCR_SELECTION * pcr_selection_out
Definition: fapi_int.h:276
const char * keyPath
Definition: fapi_int.h:281
uint32_t * pcrList
Definition: fapi_int.h:285
Definition: fapi_int.h:616
char ** pathlist
Definition: fapi_int.h:621
ESYS_TR session
Definition: fapi_int.h:631
IFAPI_POLICYUTIL_STACK * policyutil_stack
Definition: fapi_int.h:627
IFAPI_POLICY_EXEC_CTX * policy_stack
Definition: fapi_int.h:623
Definition: ifapi_policy_instantiate.h:25
Definition: ifapi_policy_execute.h:67
Definition: ifapi_policy_store.h:17
Definition: ifapi_policyutil_execute.h:27
Definition: ifapi_profiles.h:15
Definition: ifapi_profiles.h:52
Definition: fapi_int.h:311
json_object * jso
Definition: fapi_int.h:316
char * object_path
Definition: fapi_int.h:315
char * jso_string
Definition: fapi_int.h:317
IFAPI_OBJECT object
Definition: fapi_int.h:314
char * description
Definition: fapi_int.h:312
UINT8_ARY appData
Definition: fapi_int.h:313
Definition: fapi_int.h:518
char ** pathlist
Definition: fapi_int.h:527
size_t numHierarchyObjects
Definition: fapi_int.h:529
IFAPI_OBJECT hierarchy_hn
Definition: fapi_int.h:522
size_t numPaths
Definition: fapi_int.h:528
IFAPI_KEY_TEMPLATE public_templ
Definition: fapi_int.h:525
IFAPI_OBJECT hierarchy_he
Definition: fapi_int.h:521
IFAPI_OBJECT * hierarchy
Definition: fapi_int.h:523
IFAPI_OBJECT hierarchy_hs
Definition: fapi_int.h:520
IFAPI_OBJECT hierarchy_lockout
Definition: fapi_int.h:519
IFAPI_OBJECT * hierarchies
Definition: fapi_int.h:532
size_t path_idx
Definition: fapi_int.h:531
size_t hiearchy_idx
Definition: fapi_int.h:530
TPMS_POLICY * hierarchy_policy
Definition: fapi_int.h:524
Definition: fapi_int.h:447
IFAPI_OBJECT * object
Definition: fapi_int.h:449
const char * keyPath
Definition: fapi_int.h:448
Definition: fapi_int.h:509
TPMI_ALG_HASH * hash_alg
Definition: fapi_int.h:511
size_t hash_size
Definition: fapi_int.h:512
size_t digest_idx
Definition: fapi_int.h:513
const char * policyPath
Definition: fapi_int.h:510
Definition: ifapi_policy_types.h:128
Definition: ifapi_policy_types.h:275
struct TPML_POLICYELEMENTS * policy
Definition: ifapi_policy_types.h:279
Definition: fapi_types.h:15
Definition: fapi_types.h:34
Definition: fapi_types.h:24
Definition: fapi_int.h:778