tpm2-tss  3.2.1
TPM Software stack 2.0 TCG spec compliant implementation
fapi_int.h
1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3  * Copyright 2018-2019, Fraunhofer SIT sponsored by Infineon Technologies AG
4  * All rights reserved.
5  ******************************************************************************/
6 #ifndef FAPI_INT_H
7 #define FAPI_INT_H
8 
9 #include "fapi_types.h"
10 #include "ifapi_policy_types.h"
11 #include "ifapi_policy_instantiate.h"
12 #include "ifapi_eventlog.h"
13 #include "ifapi_io.h"
14 #include "ifapi_profiles.h"
15 #include "ifapi_macros.h"
16 #include "ifapi_keystore.h"
17 #include "ifapi_policy_store.h"
18 #include "ifapi_config.h"
19 
20 #include <stdlib.h>
21 #include <stdint.h>
22 #include <unistd.h>
23 #include <string.h>
24 #include <inttypes.h>
25 #include <stdarg.h>
26 #include <stdbool.h>
27 #include <sys/stat.h>
28 #include <stdio.h>
29 #include <errno.h>
30 #include <fcntl.h>
31 #include <json-c/json.h>
32 #include <poll.h>
33 
34 #include "tss2_esys.h"
35 #include "tss2_fapi.h"
36 
/*
 * File names and object path strings.
 * IFAPI_SRK_OBJECT_PATH and IFAPI_HS_OBJECT_PATH repeat the matching *_PATH
 * string followed by "/" and IFAPI_OBJECT_FILE; the literals are independent,
 * so a change to one has to be mirrored in the others by hand.
 */
37 #define DEFAULT_LOG_DIR "/run/tpm2_tss"
38 #define IFAPI_PCR_LOG_FILE "pcr.log"
39 #define IFAPI_OBJECT_TYPE ".json"
40 #define IFAPI_OBJECT_FILE "object.json"
41 #define IFAPI_SRK_KEY_PATH "/HS/SRK"
42 #define IFAPI_EK_KEY_PATH "/HE/EK"
43 #define IFAPI_HS_PATH "/HS"
44 #define IFAPI_HE_PATH "/HE"
45 #define IFAPI_HN_PATH "/HN"
46 #define IFAPI_LOCKOUT_PATH "/LOCKOUT"
47 #define IFAPI_SRK_OBJECT_PATH "/HS/SRK/object.json"
48 #define IFAPI_HS_OBJECT_PATH "/HS/object.json"
49 
/*
 * Key-type selectors and handle bounds for certificates.
 * MIN_EK_CERT_HANDLE has the same value as 0x01C00000; it is only written
 * without the leading zero that the two platform-certificate bounds carry.
 * NOTE(review): presumably TSS2_SRK and TSS2_EK are the values stored in a
 * TSS2_KEY_TYPE - confirm against the users of the typedef.
 */
50 typedef UINT32 TSS2_KEY_TYPE;
51 #define TSS2_SRK 2
52 #define TSS2_EK 3
53 #define MIN_EK_CERT_HANDLE 0x1c00000
54 #define MIN_PLATFORM_CERT_HANDLE 0x01C08000
55 #define MAX_PLATFORM_CERT_HANDLE 0x01C0FFFF
56 
/*
 * Session selectors. The three values are distinct single bits, so several
 * of them fit into one IFAPI_SESSION_TYPE (UINT8) value.
 */
57 typedef UINT8 IFAPI_SESSION_TYPE;
58 #define IFAPI_SESSION_GENEK 0x01
59 #define IFAPI_SESSION1 0x02
60 #define IFAPI_SESSION2 0x04
61 
/*
 * Directory names, delimiters, PEM markers and JSON tags.
 * IFAPI_EXT_PATH / IFAPI_PUB_KEY_DIR expand to the same string, as do
 * IFAPI_POLICY_PATH / IFAPI_POLICY_DIR / IFAPI_JSON_TAG_POLICY.
 * NOTE(review): IFAPI_PEM_PRIVATE_KEY has no "BEGIN " part, unlike
 * IFAPI_PEM_PUBLIC_STRING; presumably it is matched as a substring - confirm
 * against the code that uses it.
 */
62 #define IFAPI_POLICY_PATH "policy"
63 #define IFAPI_NV_PATH "nv"
64 #define IFAPI_EXT_PATH "ext"
65 #define IFAPI_FILE_DELIM "/"
66 #define IFAPI_LIST_DELIM ":"
67 #define IFAPI_FILE_DELIM_CHAR '/'
68 #define IFAPI_PUB_KEY_DIR "ext"
69 #define IFAPI_POLICY_DIR "policy"
70 #define IFAPI_PEM_PUBLIC_STRING "-----BEGIN PUBLIC KEY-----"
71 #define IFAPI_PEM_PRIVATE_KEY "-----PRIVATE KEY-----"
72 #define IFAPI_JSON_TAG_POLICY "policy"
73 #define IFAPI_JSON_TAG_OBJECT_TYPE "objectType"
74 #define IFAPI_JSON_TAG_DUPLICATE "public_parent"
75 
/*
 * Aliases for the W_OK / R_OK mode bits from <unistd.h>.
 * NOTE(review): if these are passed to access(), the answer is only a
 * snapshot; the file can change before it is opened, so the later
 * open/read/write still has to handle a permission failure.
 */
76 #define FAPI_WRITE W_OK
77 #define FAPI_READ R_OK
78 
/*
 * IFAPI_MAX_BUFFER_SIZE is the larger of TPM2_MAX_NV_BUFFER_SIZE and
 * TPM2_MAX_DIGEST_BUFFER, selected at preprocessing time.
 */
79 #if TPM2_MAX_NV_BUFFER_SIZE > TPM2_MAX_DIGEST_BUFFER
80 #define IFAPI_MAX_BUFFER_SIZE TPM2_MAX_NV_BUFFER_SIZE
81 #else
82 #define IFAPI_MAX_BUFFER_SIZE TPM2_MAX_DIGEST_BUFFER
83 #endif
84 
/* Named booleans; presumably passed as a "flush parent" argument - confirm. */
85 #define IFAPI_FLUSH_PARENT true
86 #define IFAPI_NOT_FLUSH_PARENT false
87 
88 /* Definition of FAPI buffer for TPM2B transmission */
89 typedef struct {
90  UINT16 size;
91  BYTE buffer[IFAPI_MAX_BUFFER_SIZE];
93 
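/*
 * Release an object through its TYPE##_free function and clear the pointer.
 *
 * When S is non-NULL the macro calls TYPE_free(S) and then sets S to NULL, so
 * a second OSSL_FREE on the same variable does nothing instead of freeing
 * twice.
 *
 * S     lvalue holding the pointer; it is evaluated up to three times, so it
 *       must be free of side effects.
 * TYPE  prefix of the release function, pasted as TYPE##_free.
 *
 * The (void *) cast switches off the compiler's pointer-type check: a TYPE
 * that does not match the object behind S is not diagnosed.
 * The outer braces stop the inner `if` from capturing an `else` that follows
 * the macro call when the call is written without a trailing semicolon.
 */
#define OSSL_FREE(S,TYPE) { if ((S) != NULL) { TYPE##_free((void*) (S)); (S) = NULL; } }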
95 
96 
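/*
 * Copy a digest of src_size bytes from src into dest_buffer and store the
 * length in dest_size.
 *
 * A length above sizeof(TPMU_HA) is rejected through
 * return_error(TSS2_FAPI_RC_BAD_VALUE, ...); return_error is defined outside
 * this header and presumably returns from the calling function - confirm.
 *
 * sizeof(TPMU_HA) is the only bound that is checked. The macro never sees the
 * capacity of dest_buffer, so the caller has to pass a destination of at
 * least sizeof(TPMU_HA) bytes.
 *
 * src_size is read once into a local, so the length that was checked is the
 * length that is copied and stored. The do { } while (0) wrapper makes the
 * expansion one statement: under an unbraced `if` the whole copy is guarded,
 * not just the size check.
 */
#define FAPI_COPY_DIGEST(dest_buffer, dest_size, src, src_size) \
    do { \
        const size_t fapi_copy_digest_len_ = (src_size); \
        if (fapi_copy_digest_len_ > sizeof(TPMU_HA)) { \
            return_error(TSS2_FAPI_RC_BAD_VALUE, "Digest size too large."); \
        } \
        memcpy((dest_buffer), (src), fapi_copy_digest_len_); \
        (dest_size) = fapi_copy_digest_len_; \
    } while (0)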
103 
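/*
 * Marshal OBJECT with Tss2_MU_<TYPE>_Marshal into a scratch buffer of
 * sizeof(TYPE) bytes and feed the marshalled bytes to
 * ifapi_crypto_hash_update(CONTEXT, ...).
 *
 * CONTEXT  hash context handed to ifapi_crypto_hash_update.
 * TYPE     type name; selects the marshal function and sizes the buffer.
 * OBJECT   value or pointer expected by Tss2_MU_<TYPE>_Marshal.
 * R        lvalue that receives each return code.
 * LABEL    target passed to goto_if_error when a step fails.
 *
 * The scratch variables carry a macro-specific prefix. With generic names
 * such as `buffer` or `offset`, an OBJECT or CONTEXT expression that mentions
 * a caller variable of the same name would silently bind to the macro's own
 * uninitialised local instead.
 *
 * The scratch buffer is not cleared before it goes out of scope; keep that in
 * mind when OBJECT holds secret material.
 */
#define HASH_UPDATE(CONTEXT, TYPE, OBJECT, R, LABEL) \
    { \
        uint8_t hash_update_buf_[sizeof(TYPE)]; \
        size_t hash_update_off_ = 0; \
        R = Tss2_MU_ ## TYPE ## _Marshal(OBJECT, \
                &hash_update_buf_[0], sizeof(TYPE), &hash_update_off_); \
        goto_if_error(R, "Marshal for hash update", LABEL); \
        R = ifapi_crypto_hash_update(CONTEXT, \
                (const uint8_t *) &hash_update_buf_[0], \
                hash_update_off_); \
        goto_if_error(R, "crypto hash update", LABEL); }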
115 
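/*
 * Feed SIZE bytes starting at BUFFER to ifapi_crypto_hash_update(CONTEXT, ...)
 * and jump to LABEL through goto_if_error when the call fails.
 *
 * R receives the return code. BUFFER is placed directly after the
 * (const uint8_t *) cast, so pass a plain name or a parenthesised expression;
 * in `p + n` only `p` would be cast.
 *
 * The braces make the assignment and the error check one statement, so an
 * unbraced `if` in front of the macro guards both.
 */
#define HASH_UPDATE_BUFFER(CONTEXT, BUFFER, SIZE, R, LABEL) \
    { \
        R = ifapi_crypto_hash_update(CONTEXT, \
                (const uint8_t *) BUFFER, SIZE); \
        goto_if_error(R, "crypto hash update", LABEL); \
    }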
120 
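/*
 * Check a return code inside a function that can be asked to retry.
 *
 * - base_rc(r) == TSS2_BASE_RC_TRY_AGAIN: the enclosing function returns
 *   TSS2_FAPI_RC_TRY_AGAIN at once; nothing is logged.
 * - any other value except TSS2_RC_SUCCESS: the error is logged with
 *   LOG_ERROR and control jumps to `label`.
 *
 * r      return code; evaluated up to three times, so pass a plain variable.
 * msg    string literal (it is concatenated with TPM2_ERROR_FORMAT).
 * label  cleanup label in the calling function.
 * ...    optional arguments for the format in msg.
 *
 * The braces turn the two `if` statements into one statement, so an unbraced
 * `if` in front of the macro guards the error branch as well as the retry
 * branch.
 */
#define FAPI_SYNC(r,msg,label, ...) \
    { \
        if (base_rc(r) == TSS2_BASE_RC_TRY_AGAIN) \
            return TSS2_FAPI_RC_TRY_AGAIN; \
        if ((r) != TSS2_RC_SUCCESS) { \
            LOG_ERROR(TPM2_ERROR_FORMAT " " msg, TPM2_ERROR_TEXT(r), ## __VA_ARGS__); \
            goto label; \
        } \
    }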
128 
/*
 * State values for the get-certificate sequence; a member named
 * get_cert_state of this type appears later in this header.
 * The values run consecutively from 0 and are written out so that a raw state
 * number from a log or debugger can be matched to its name.
 */
enum IFAPI_GET_CERT_STATE {
    GET_CERT_INIT                    = 0,
    GET_CERT_WAIT_FOR_GET_CAP        = 1,
    GET_CERT_GET_CERT_NV             = 2,
    GET_CERT_GET_CERT_NV_FINISH      = 3,
    GET_CERT_GET_CERT_READ_PUBLIC    = 4,
    GET_CERT_GET_CERT_READ_HIERARCHY = 5,
    GET_CERT_READ_CERT               = 6
};
139 
/*
 * State values for the cleanup sequence (member cleanup_state later in this
 * header). Consecutive from 0, spelled out for readability in logs.
 */
enum IFAPI_CLEANUP_STATE {
    CLEANUP_INIT     = 0,
    CLEANUP_SESSION1 = 1,
    CLEANUP_SESSION2 = 2,
    CLEANUP_SRK      = 3
};
147 
/*
 * State values for reading the public area of an NV index (member
 * read_nv_public_state later in this header). Consecutive from 0.
 */
enum IFAPI_READ_NV_PUBLIC_STATE {
    READ_NV_PUBLIC_INIT        = 0,
    READ_NV_PUBLIC_GET_ESYS_TR = 1,
    READ_NV_PUBLIC_GET_PUBLIC  = 2
};
154 
/* Length of the cap[] array declared in IFAPI_INFO. */
155 #define IFAPI_MAX_CAP_INFO 17
156 
157 typedef struct {
158  char *description;
159  TPMS_CAPABILITY_DATA *capability;
161 
162 typedef struct {
163  char *fapi_version;
165  IFAPI_CAP_INFO cap[IFAPI_MAX_CAP_INFO];
166 } IFAPI_INFO;
167 
170 typedef struct {
171  TPMI_YES_NO system;
173  TPMI_YES_NO persistent;
175  TPM2B_PUBLIC public;
177 
180 typedef struct {
181  TPMI_YES_NO system;
183  TPMI_RH_HIERARCHY hierarchy;
184  char *description;
185  TPMS_NV_PUBLIC public;
187 
190 typedef struct {
191  TPMT_SIG_SCHEME sig_scheme;
192  TPMS_ATTEST attest;
194 
195 
/*
 * State values for an NV read; IFAPI_NV_Cmds keeps the current one in
 * nv_read_state. Consecutive from 0.
 */
enum _FAPI_STATE_NV_READ {
    NV_READ_INIT       = 0,
    NV_READ_AUTHORIZE  = 1,
    NV_READ_AUTHORIZE2 = 2,
    NV_READ_AUTH_SENT  = 3
};
203 
/*
 * State values for an NV write; IFAPI_NV_Cmds keeps the current one in
 * nv_write_state. Consecutive from 0.
 * NV2_WRITE_WAIT_FOR_SESSSION is spelled with three S; the name is kept as is
 * because code outside this header may refer to it.
 */
enum _FAPI_STATE_NV_WRITE {
    NV2_WRITE_INIT              = 0,
    NV2_WRITE_READ              = 1,
    NV2_WRITE_WAIT_FOR_SESSSION = 2,
    NV2_WRITE_NULL_AUTH_SENT    = 3,
    NV2_WRITE_AUTH_SENT         = 4,
    NV2_WRITE_WRITE_PREPARE     = 5,
    NV2_WRITE_WRITE             = 6,
    NV2_WRITE_AUTHORIZE         = 7,
    NV2_WRITE_AUTHORIZE2        = 8
};
216 
219 typedef struct {
220  char *nvPath ;
221  char *policyPath;
222  TPM2B_NV_PUBLIC public;
225  size_t numBytes;
226  UINT16 bytesRequested;
227  UINT16 offset;
228  size_t data_idx;
229  const uint8_t *data;
230  uint8_t *rdata;
231  size_t size;
234  TPM2B_AUTH auth;
237  uint64_t bitmap;
238  IFAPI_NV_TEMPLATE public_templ;
240  enum _FAPI_STATE_NV_READ nv_read_state;
241  enum _FAPI_STATE_NV_WRITE nv_write_state;
242  uint8_t *write_data;
243  char *logData;
244  json_object *jso_event_log;
245  TPMI_RH_NV_INDEX maxNvIndex;
247  TPML_DIGEST_VALUES digests;
249 } IFAPI_NV_Cmds;
250 
253 typedef struct {
254  TPMS_CAPABILITY_DATA *capability; /* TPM capability data to check available algs */
255  char **pathlist;
256  size_t numPaths;
259  size_t primary_idx;
260  size_t path_idx;
263 
266 typedef struct {
267  TPML_DIGEST_VALUES digest_list;
268  TPML_DIGEST_VALUES *event_digests;
270  TPML_PCR_SELECTION pcr_selection;
271  TPML_PCR_SELECTION *pcr_selection_out;
272  UINT32 update_count;
273  TPML_DIGEST *pcrValues; /* The values returned by PCR_Read */
274  TPM2_HANDLE pcrIndex;
275  TPMI_ALG_HASH hashAlg;
276  const char *keyPath;
279  TPMS_CAPABILITY_DATA *capabilityData; /* TPM capability data to check available algs */
280  uint32_t *pcrList;
281  size_t pcrListSize;
282  TPM2B_DATA qualifyingData;
283  uint8_t const *eventData;
284  TPM2B_EVENT event;
285  size_t eventDataSize;
286  uint32_t const *hashAlgs;
287  uint32_t *hashAlgs2;
288  size_t numHashAlgs;
289  char const *quoteInfo;
290  TPM2B_ATTEST *tpm_quoted;
291  TPMT_SIGNATURE *tpm_signature;
292  uint8_t *signature;
293  size_t signatureSize;
294  char const *logData;
295  char *pcrLog;
296  IFAPI_EVENT pcr_event;
297  json_object *event_list;
298  FAPI_QUOTE_INFO fapi_quote_info;
299  uint8_t *pcrValue;
300  size_t pcrValueSize;
301  char *event_log_file;
302 } IFAPI_PCR;
303 
306 typedef struct {
307  char *description;
310  char *object_path;
311  json_object *jso;
312  char *jso_string;
314 
317 typedef struct {
318  size_t numBytes;
319  size_t idx;
320  UINT16 bytesRequested;
321  uint8_t *data;
322  uint8_t *ret_data;
324 
327 typedef struct {
328  const char *pem_cert;
329  char *pem_cert_dup;
330  const char *key_path;
334 
/*
 * State values for key creation; the struct that follows this enum stores the
 * current one in its `state` member. The KEY_CREATE_PRIMARY_* entries share
 * the enum with the plain KEY_CREATE_* entries.
 * Consecutive from 0, spelled out so a raw value can be read back from a log.
 */
enum IFAPI_KEY_CREATE_STATE {
    KEY_CREATE_INIT                           = 0,
    KEY_CREATE_WAIT_FOR_SESSION               = 1,
    KEY_CREATE_WAIT_FOR_PARENT                = 2,
    KEY_CREATE_AUTH_SENT                      = 3,
    KEY_CREATE_WAIT_FOR_LOAD_AUTHORIZATION    = 4,
    KEY_CREATE_WAIT_FOR_KEY                   = 5,
    KEY_CREATE_WAIT_FOR_HIERARCHY             = 6,
    KEY_CREATE_AUTHORIZE_HIERARCHY            = 7,
    KEY_CREATE_WAIT_FOR_EVICT_CONTROL         = 8,
    KEY_CREATE_WRITE_PREPARE                  = 9,
    KEY_CREATE_WRITE                          = 10,
    KEY_CREATE_FLUSH1                         = 11,
    KEY_CREATE_FLUSH2                         = 12,
    KEY_CREATE_CALCULATE_POLICY               = 13,
    KEY_CREATE_PRIMARY_CALCULATE_POLICY       = 14,
    KEY_CREATE_WAIT_FOR_AUTHORIZATION         = 15,
    KEY_CREATE_CLEANUP                        = 16,
    KEY_CREATE_WAIT_FOR_RANDOM                = 17,
    KEY_CREATE_PRIMARY_INIT                   = 18,
    KEY_CREATE_PRIMARY_WAIT_FOR_SESSION       = 19,
    KEY_CREATE_PRIMARY_WAIT_FOR_HIERARCHY     = 20,
    KEY_CREATE_PRIMARY_WAIT_FOR_AUTHORIZE1    = 21,
    KEY_CREATE_PRIMARY_WAIT_FOR_AUTHORIZE2    = 22,
    KEY_CREATE_PRIMARY_WAIT_FOR_PRIMARY       = 23,
    KEY_CREATE_PRIMARY_WAIT_FOR_EVICT_CONTROL = 24,
    KEY_CREATE_PRIMARY_FLUSH                  = 25,
    KEY_CREATE_PRIMARY_WRITE_PREPARE          = 26,
    KEY_CREATE_PRIMARY_WRITE                  = 27,
    KEY_CREATE_PRIMARY_CLEANUP                = 28
};
367 
370 typedef struct {
371  enum IFAPI_KEY_CREATE_STATE state;
372  const char *keyPath;
377  TPM2B_PUBLIC public;
379  TPM2B_SENSITIVE_CREATE inSensitive;
380  TPM2B_DATA outsideInfo;
381  TPML_PCR_SELECTION creationPCR;
382  ESYS_TR handle;
383  const char *authValue;
384  const char *policyPath;
385  const IFAPI_PROFILE *profile;
389 
392 typedef struct {
393  char const *keyPath;
394  uint8_t const *in_data;
395  size_t in_dataSize;
398  size_t numBytes;
399  size_t decrypt;
400  UINT16 bytesRequested;
401  TPMT_RSA_DECRYPT rsa_scheme;
402  ESYS_TR object_handle;
403  char *policy_path;
404  ESYS_TR auth_session;
405  const IFAPI_PROFILE *profile;
406  uint8_t *plainText;
407  size_t plainTextSize;
408  uint8_t *cipherText;
409  size_t cipherTextSize;
411 
/*
 * State values for a signing operation; the struct that follows this enum
 * stores the current one in its `state` member. Consecutive from 0.
 */
enum FAPI_SIGN_STATE {
    SIGN_INIT             = 0,
    SIGN_WAIT_FOR_SESSION = 1,
    SIGN_WAIT_FOR_KEY     = 2,
    SIGN_AUTH_SENT        = 3,
    SIGN_WAIT_FOR_FLUSH   = 4
};
420 
423 typedef struct {
424  enum FAPI_SIGN_STATE state;
425  const char *keyPath;
427  TPM2B_DIGEST digest;
428  TPMT_SIG_SCHEME scheme;
430  TPMT_SIGNATURE *tpm_signature;
431  TPMI_YES_NO decrypt;
432  TPMT_SIGNATURE *signature;
433  char const *padding;
434  char *certificate;
435  uint8_t *ret_signature;
436  size_t signatureSize;
437  char *publicKey;
439 
442 typedef struct {
443  const char *keyPath;
445  TPM2B_SENSITIVE_DATA *unseal_data;
446 } IFAPI_Unseal;
447 
448 
/*
 * Working data for an info/capability query. Only the layout is visible in
 * this header; the code that fills and releases the fields lives elsewhere.
 */
451 typedef struct {
/* Two TPMS_CAPABILITY_DATA pointers; ownership is not visible here. */
452  TPMS_CAPABILITY_DATA *capability_data;
453  TPMS_CAPABILITY_DATA *fetched_data;
/* presumably an index into info_obj.cap[] (IFAPI_MAX_CAP_INFO entries) - TODO confirm */
454  size_t idx_info_cap;
/* IFAPI_INFO value embedded by value, not by pointer. */
455  IFAPI_INFO info_obj;
456  UINT32 property_count;
457  UINT32 property;
458 } IFAPI_GetInfo;
459 
/*
 * State values for changing a hierarchy auth value (member hierarchy_state
 * later in this header). Consecutive from 0.
 * "HIERACHY" in the tag is a misspelling that is part of the public name.
 */
enum IFAPI_HIERACHY_AUTHORIZATION_STATE {
    HIERARCHY_CHANGE_AUTH_INIT           = 0,
    HIERARCHY_CHANGE_AUTH_NULL_AUTH_SENT = 1,
    HIERARCHY_CHANGE_AUTH_AUTH_SENT      = 2
};
466 
/*
 * State values for changing a hierarchy policy (member
 * hierarchy_policy_state later in this header). Consecutive from 0.
 * "HIERACHY" in the tag is a misspelling that is part of the public name.
 */
enum IFAPI_HIERACHY_POLICY_AUTHORIZATION_STATE {
    HIERARCHY_CHANGE_POLICY_INIT           = 0,
    HIERARCHY_CHANGE_POLICY_NULL_AUTH_SENT = 1,
    HIERARCHY_CHANGE_POLICY_AUTHORIZE      = 2,
    HIERARCHY_CHANGE_POLICY_AUTH_SENT      = 3
};
474 
477 typedef struct {
478  const char *entityPath;
481  const char *authValue;
482  TPM2B_AUTH newAuthValue;
483  TPM2B_PRIVATE *newPrivate;
488  char **pathlist;
489  size_t numPaths;
492 
495 typedef struct {
496  const char *policyPath;
497  const char *signingKeyPath;
498  TPM2B_DIGEST policyRef;
499  TPMS_POLICYAUTHORIZATION authorization;
501 
504 typedef struct {
505  const char *policyPath;
506  TPMI_ALG_HASH *hash_alg;
507  size_t hash_size;
508  size_t digest_idx;
510 
513 typedef struct {
521  TPM2B_PUBLIC public;
522  char **pathlist;
523  size_t numPaths;
525  size_t hiearchy_idx;
526  size_t path_idx;
528  TPM2B_SENSITIVE_CREATE inSensitive;
529  TPM2B_DATA outsideInfo;
530  TPML_PCR_SELECTION creationPCR;
531  ESYS_TR handle;
532  const char *authValueLockout;
533  const char *authValueEh;
534  const char *policyPathEh;
535  const char *authValueSh;
536  const char *policyPathSh;
537  size_t digest_idx;
538  size_t hash_size;
539  TPM2_HANDLE cert_nv_idx;
540  TPM2B_NV_PUBLIC *nvPublic;
541  ESYS_TR esys_nv_cert_handle;
542  char *pem_cert;
543  TPM2_ALG_ID cert_key_type;
544  size_t cert_count;
545  size_t cert_idx;
546  TPMS_CAPABILITY_DATA *capabilityData;
547  IFAPI_OBJECT hierarchy_object;
548  TPM2B_AUTH hierarchy_auth;
549  TPM2B_DIGEST policy_digest;
550  char *intermed_crt;
551  char *root_crt;
552  TPMA_PERMANENT auth_state;
553  ESYS_TR srk_esys_handle;
554  ESYS_TR ek_esys_handle;
555  ESYS_TR srk_tpm_handle;
556  ESYS_TR ek_tpm_handle;
557  bool srk_exists;
559 
562 typedef struct {
563  char *path;
565  IFAPI_OBJECT pkey_object;
566  TPM2B_SENSITIVE_CREATE inSensitive;
567  TPM2B_DATA outsideInfo;
568  TPML_PCR_SELECTION creationPCR;
569  ESYS_TR handle;
570  TPMI_DH_PERSISTENT persistent_handle;
571  TPMS_CAPABILITY_DATA *capabilityData;
573 
576 typedef struct {
577  const char *keyPath;
578  uint8_t const *signature;
579  size_t signatureSize;
580  uint8_t const *digest;
581  size_t digestSize;
582  IFAPI_OBJECT key_object;
584 
/*
 * State values for policy handling; a later struct in this header stores the
 * current one in a member named `state`. Consecutive from 0.
 */
enum IFAPI_STATE_POLICY {
    POLICY_INIT                = 0,
    POLICY_READ                = 1,
    POLICY_READ_FINISH         = 2,
    POLICY_INSTANTIATE_PREPARE = 3,
    POLICY_INSTANTIATE         = 4,
    POLICY_EXECUTE_PREPARE     = 5,
    POLICY_EXECUTE             = 6,
    POLICY_FLUSH               = 7
};
596 
599 
/*
 * State values for session creation (member create_session_state later in
 * this header). Consecutive from 0.
 */
enum FAPI_CREATE_SESSION_STATE {
    CREATE_SESSION_INIT     = 0,
    CREATE_SESSION          = 1,
    WAIT_FOR_CREATE_SESSION = 2
};
606 
609 typedef struct {
610  enum IFAPI_STATE_POLICY state;
611  struct TPMS_POLICY policy;
612  size_t digest_idx;
613  size_t hash_size;
614  char **pathlist;
615  TPMI_ALG_HASH hash_alg;
619  IFAPI_POLICYUTIL_STACK *util_current_policy;
626  enum FAPI_CREATE_SESSION_STATE create_session_state;
627  char *path;
630 
/*
 * State values for the file search; the struct that follows this enum stores
 * the current one in its `state` member. Consecutive from 0.
 */
enum IFAPI_STATE_FILE_SEARCH {
    FSEARCH_INIT   = 0,
    FSEARCH_READ   = 1,
    FSEARCH_OBJECT = 2
};
637 
640 typedef struct {
641  enum IFAPI_STATE_FILE_SEARCH state;
642  char **pathlist;
643  size_t path_idx;
644  size_t numPaths;
645  char *current_path;
647 
/*
 * State values for preparing a key load; IFAPI_LoadKey stores the current one
 * in prepare_state. Consecutive from 0.
 */
enum _FAPI_STATE_PREPARE_LOAD_KEY {
    PREPARE_LOAD_KEY_INIT             = 0,
    PREPARE_LOAD_KEY_WAIT_FOR_SESSION = 1,
    PREPARE_LOAD_KEY_INIT_KEY         = 2,
    PREPARE_LOAD_KEY_WAIT_FOR_KEY     = 3
};
655 
/*
 * State values for loading a key; IFAPI_LoadKey stores the current one in
 * `state`. Unlike most enums in this header the first entry is not named
 * *_INIT: LOAD_KEY_GET_PATH is the zero value. Consecutive from 0.
 */
enum _FAPI_STATE_LOAD_KEY {
    LOAD_KEY_GET_PATH         = 0,
    LOAD_KEY_READ_KEY         = 1,
    LOAD_KEY_WAIT_FOR_PRIMARY = 2,
    LOAD_KEY_LOAD_KEY         = 3,
    LOAD_KEY_AUTH             = 4,
    LOAD_KEY_AUTHORIZE        = 5
};
665 
668 typedef struct {
669  char const *pathOfKeyToDuplicate;
671  TPM2B_PUBLIC public_parent;
676  struct TPMS_POLICY policy;
677  ESYS_TR handle_ext_key;
678  char *exportedData;
680 
683 typedef struct {
684  char const *path;
688  TPMI_ALG_HASH hashAlg;
689  size_t profile_idx;
694 
697 typedef struct {
698  IFAPI_OBJECT object;
699  TPM2B_NAME parent_name;
700  IFAPI_OBJECT *parent_object;
701  IFAPI_OBJECT new_object;
702  char *parent_path;
703  char *out_path;
704  TPM2B_PRIVATE *private;
705  char *jso_string;
706  const IFAPI_PROFILE *profile;
708 
709 
712 typedef struct {
713  enum _FAPI_STATE_LOAD_KEY state;
714  enum _FAPI_STATE_PREPARE_LOAD_KEY prepare_state;
716  NODE_OBJECT_T *key_list;
717  IFAPI_OBJECT auth_object;
718  size_t position;
719  ESYS_TR handle;
720  ESYS_TR parent_handle;
721  bool parent_handle_persistent;
722  IFAPI_OBJECT *key_object;
723  char *key_path;
724  char const *path;
725 } IFAPI_LoadKey;
726 
729 typedef struct {
730  bool is_key;
732  ESYS_TR new_object_handle;
733  TPM2_HANDLE permanentHandle;
736  char *path;
738  char **pathlist;
739  size_t numPaths;
740  size_t path_idx;
742 
745 typedef struct {
746  uint8_t type;
747  uint8_t *data;
748  size_t length;
749  bool is_key;
751  ESYS_TR new_object_handle;
752  TPM2_HANDLE permanentHandle;
755  char *path;
759 
762 typedef struct {
763  const char *searchPath;
765 
771 typedef union {
772  IFAPI_Provision Provision;
773  IFAPI_Key_Create Key_Create;
774  IFAPI_Key_SetCertificate Key_SetCertificate;
775  IFAPI_Entity_ChangeAuth Entity_ChangeAuth;
776  IFAPI_Entity_Delete Entity_Delete;
777  IFAPI_GetEsysBlob GetEsysBlob;
778  IFAPI_Entities_List Entities_List;
779  IFAPI_Key_VerifySignature Key_VerifySignature;
780  IFAPI_Data_EncryptDecrypt Data_EncryptDecrypt;
781  IFAPI_PCR pcr;
782  IFAPI_INITIALIZE Initialize;
783  IFAPI_Path_SetDescription path_set_info;
784  IFAPI_Fapi_AuthorizePolicy Policy_AuthorizeNewPolicy;
785  IFAPI_api_WriteAuthorizeNv WriteAuthorizeNV;
786  IFAPI_ExportKey ExportKey;
787  IFAPI_ImportKey ImportKey;
788  IFAPI_Unseal Unseal;
789  IFAPI_GetInfo GetInfo;
790  IFAPI_ExportPolicy ExportPolicy;
792 
/*
 * State values for primary-key handling (member primary_state later in this
 * header). Consecutive from 0.
 */
enum _FAPI_STATE_PRIMARY {
    PRIMARY_INIT                  = 0,
    PRIMARY_READ_KEY              = 1,
    PRIMARY_READ_HIERARCHY        = 2,
    PRIMARY_READ_HIERARCHY_FINISH = 3,
    PRIMARY_AUTHORIZE_HIERARCHY   = 4,
    PRIMARY_GET_AUTH_VALUE        = 5,
    PRIMARY_WAIT_FOR_PRIMARY      = 6,
    PRIMARY_HAUTH_SENT            = 7,
    PRIMARY_CREATED               = 8,
    PRIMARY_VERIFY_PERSISTENT     = 9,
    PRIMARY_GET_CAP               = 10
};
807 
/*
 * State values for session setup (member session_state later in this
 * header). Consecutive from 0.
 */
enum _FAPI_STATE_SESSION {
    SESSION_INIT              = 0,
    SESSION_WAIT_FOR_PRIMARY  = 1,
    SESSION_CREATE_SESSION    = 2,
    SESSION_WAIT_FOR_SESSION1 = 3,
    SESSION_WAIT_FOR_SESSION2 = 4
};
816 
/*
 * State values for fetching random bytes (member get_random_state later in
 * this header). Two values, 0 and 1.
 */
enum _FAPI_STATE_GET_RANDOM {
    GET_RANDOM_INIT = 0,
    GET_RANDOM_SENT = 1
};
822 
/*
 * State values for flushing an object (member flush_object_state later in
 * this header). Two values, 0 and 1.
 */
enum _FAPI_FLUSH_STATE {
    FLUSH_INIT     = 0,
    WAIT_FOR_FLUSH = 1
};
828 
/*
 * Top-level state of a FAPI operation; a member `enum _FAPI_STATE state`
 * appears in the context structure later in this header.
 *
 * Only _FAPI_STATE_INIT has an explicit value (0). Every other enumerator is
 * numbered by its position, so inserting, removing or reordering an entry
 * changes the numeric value of every state after it.
 *
 * The enumerators are grouped by name prefix (INITIALIZE_*, PROVISION_*,
 * NV_*, ENTITY_*, ...), with blank lines between most groups.
 *
 * NOTE(review): the listing skips source lines 832, 833 and 835 inside this
 * enum; they are presumably stripped comments - confirm against the original
 * header before relying on the numeric position of a state.
 */
830 enum _FAPI_STATE {
831  _FAPI_STATE_INIT = 0,
834  _FAPI_STATE_INTERNALERROR,
836  INITIALIZE_READ,
837  INITIALIZE_INIT_TCTI,
838  INITIALIZE_GET_CAP,
839  INITIALIZE_WAIT_FOR_CAP,
840  INITIALIZE_READ_PROFILE,
841  INITIALIZE_READ_PROFILE_INIT,
842  INITIALIZE_READ_TIME,
843  INITIALIZE_CHECK_NULL_PRIMARY,
844  INITIALIZE_READ_NULL_PRIMARY,
845  PROVISION_WAIT_FOR_GET_CAP_AUTH_STATE,
846  PROVISION_WAIT_FOR_GET_CAP0,
847  PROVISION_WAIT_FOR_GET_CAP1,
848  PROVISION_INIT_GET_CAP2,
849  PROVISION_WAIT_FOR_GET_CAP2,
850  PROVISION_GET_CERT_NV,
851  PROVISION_GET_CERT_NV_FINISH,
852  PROVISION_GET_CERT_READ_PUBLIC,
853  PROVISION_READ_CERT,
854  PROVISION_PREPARE_READ_ROOT_CERT,
855  PROVISION_READ_ROOT_CERT,
856  PROVISION_PREPARE_READ_INT_CERT,
857  PROVISION_READ_INT_CERT,
858  PROVISION_INIT,
859  PROVISION_INIT_SRK,
860  PROVISION_WAIT_FOR_EK_SESSION,
861  PROVISION_WAIT_FOR_SRK_SESSION,
862  PROVISION_AUTH_EK_NO_AUTH_SENT,
863  PROVISION_AUTH_EK_AUTH_SENT,
864  PROVISION_AUTH_SRK_NO_AUTH_SENT,
865  PROVISION_AUTH_SRK_AUTH_SENT,
866  PROVISION_CLEAN_EK_SESSION,
867  PROVISION_CLEAN_SRK_SESSION,
868  PROVISION_EK_WRITE_PREPARE,
869  PROVISION_EK_WRITE,
870  PROVISION_EK_CHECK_CERT,
871  PROVISION_SRK_WRITE_PREPARE,
872  PROVISION_SRK_WRITE,
873  PROVISION_WAIT_FOR_EK_PERSISTENT,
874  PROVISION_WAIT_FOR_SRK_PERSISTENT,
875  PROVISION_CHANGE_LOCKOUT_AUTH,
876  PROVISION_CHANGE_EH_CHECK,
877  PROVISION_CHANGE_EH_AUTH,
878  PROVISION_CHANGE_SH_CHECK,
879  PROVISION_CHANGE_SH_AUTH,
880  PROVISION_EH_CHANGE_POLICY,
881  PROVISION_SH_CHANGE_POLICY,
882  PROVISION_LOCKOUT_CHANGE_POLICY,
883  PROVISION_FINISHED,
884  PROVISION_WRITE_SH,
885  PROVISION_WRITE_EH,
886  PROVISION_PREPARE_NULL,
887  PROVISION_WRITE_NULL,
888  PROVISION_WRITE_LOCKOUT,
889  PROVISION_WRITE_LOCKOUT_PARAM,
890  PROVISION_PREPARE_LOCKOUT_PARAM,
891  PROVISION_AUTHORIZE_LOCKOUT,
892  PROVISION_FLUSH_SRK,
893  PROVISION_FLUSH_EK,
894  PROVISION_CHECK_FOR_VENDOR_CERT,
895  PROVISION_GET_VENDOR,
896  PROVISION_GET_HIERARCHIES,
897  PROVISION_READ_HIERARCHIES,
898  PROVISION_READ_HIERARCHY,
899  PROVISION_WRITE_HIERARCHIES,
900  PROVISION_WRITE_HIERARCHY,
901  PROVISION_PREPARE_GET_CAP_AUTH_STATE,
902  PROVISION_SRK_GET_PERSISTENT_NAME,
903  PROVISION_CHECK_SRK_EVICT_CONTROL,
904  PROVISION_AUTHORIZE_HS_FOR_EK_EVICT,
905  PROVISION_PREPARE_EK_EVICT,
906 
907  KEY_CREATE,
908  KEY_CREATE_PRIMARY,
909 
910  CREATE_SEAL,
911 
912  KEY_SET_CERTIFICATE_READ,
913  KEY_SET_CERTIFICATE_WRITE,
914 
915  KEY_GET_CERTIFICATE_READ,
916 
917  GET_RANDOM_WAIT_FOR_SESSION,
918  GET_RANDOM_WAIT_FOR_RANDOM,
919  GET_RANDOM_CLEANUP,
920 
921  NV_CREATE_READ_PROFILE,
922  NV_CREATE_READ_HIERARCHY,
923  NV_CREATE_AUTHORIZE_HIERARCHY,
924  NV_CREATE_GET_INDEX,
925  NV_CREATE_FIND_INDEX,
926  NV_CREATE_WAIT_FOR_SESSION,
927 
928  NV_CREATE_AUTH_SENT,
929  NV_CREATE_WRITE,
930  NV_CREATE_CALCULATE_POLICY,
931 
932  NV_WRITE_READ,
933  NV_WRITE_WRITE,
934  NV_WRITE_CLEANUP,
935 
936  NV_EXTEND_READ,
937  NV_EXTEND_WAIT_FOR_SESSION,
938  NV_EXTEND_AUTHORIZE,
939  NV_EXTEND_AUTH_SENT,
940  NV_EXTEND_WRITE,
941  NV_EXTEND_CLEANUP,
942 
943  NV_INCREMENT_READ,
944  NV_INCREMENT_WAIT_FOR_SESSION,
945  NV_INCREMENT_AUTHORIZE,
946  NV_INCREMENT_AUTH_SENT,
947  NV_INCREMENT_WRITE,
948  NV_INCREMENT_CLEANUP,
949 
950  NV_SET_BITS_READ,
951  NV_SET_BITS_WAIT_FOR_SESSION,
952  NV_SET_BITS_AUTHORIZE,
953  NV_SET_BITS_AUTH_SENT,
954  NV_SET_BITS_WRITE,
955  NV_SET_BITS_CLEANUP,
956 
957  NV_READ_READ,
958  NV_READ_WAIT,
959  NV_READ_WAIT_FOR_SESSION,
960  NV_READ_CLEANUP,
961 
962  ENTITY_DELETE_GET_FILE,
963  ENTITY_DELETE_READ,
964  ENTITY_DELETE_WAIT_FOR_SESSION,
965  ENTITY_DELETE_NULL_AUTH_SENT_FOR_KEY,
966  ENTITY_DELETE_AUTH_SENT_FOR_KEY,
967  ENTITY_DELETE_NULL_AUTH_SENT_FOR_NV,
968  ENTITY_DELETE_AUTH_SENT_FOR_NV,
969  ENTITY_DELETE_KEY,
970  ENTITY_DELETE_KEY_WAIT_FOR_HIERARCHY,
971  ENTITY_DELETE_KEY_WAIT_FOR_AUTHORIZATION,
972  ENTITY_DELETE_AUTHORIZE_NV,
973  ENTITY_DELETE_FILE,
974  ENTITY_DELETE_POLICY,
975  ENTITY_DELETE_REMOVE_DIRS,
976  ENTITY_DELETE_CLEANUP,
977  ENTITY_DELETE_READ_HIERARCHY,
978 
979  GET_ESYS_BLOB_GET_FILE,
980  GET_ESYS_BLOB_READ,
981  GET_ESYS_BLOB_NULL_AUTH_SENT_FOR_KEY,
982  GET_ESYS_BLOB_AUTH_SENT_FOR_KEY,
983  GET_ESYS_BLOB_NULL_AUTH_SENT_FOR_NV,
984  GET_ESYS_BLOB_AUTH_SENT_FOR_NV,
985  GET_ESYS_BLOB_KEY,
986  GET_ESYS_BLOB_WAIT_FOR_KEY,
987  GET_ESYS_BLOB_WAIT_FOR_CONTEXT_SAVE,
988  GET_ESYS_BLOB_SERIALIZE,
989  GET_ESYS_BLOB_FILE,
990  GET_ESYS_BLOB_WAIT_FOR_FLUSH,
991  GET_ESYS_BLOB_CLEANUP,
992 
993  ENTITY_GET_TPM_BLOBS_READ,
994 
995  KEY_SIGN_WAIT_FOR_KEY,
996  KEY_SIGN_WAIT_FOR_SIGN,
997  KEY_SIGN_CLEANUP,
998 
999  ENTITY_CHANGE_AUTH_WAIT_FOR_SESSION,
1000  ENTITY_CHANGE_AUTH_WAIT_FOR_KEY,
1001  ENTITY_CHANGE_AUTH_AUTH_SENT,
1002  ENTITY_CHANGE_AUTH_WAIT_FOR_FLUSH,
1003  ENTITY_CHANGE_AUTH_WRITE_PREPARE,
1004  ENTITY_CHANGE_AUTH_WRITE,
1005  ENTITY_CHANGE_AUTH_WAIT_FOR_KEY_AUTH,
1006  ENTITY_CHANGE_AUTH_WAIT_FOR_NV_READ,
1007  ENTITY_CHANGE_AUTH_WAIT_FOR_NV_AUTH,
1008  ENTITY_CHANGE_AUTH_WAIT_FOR_NV_CHANGE_AUTH,
1009  ENTITY_CHANGE_AUTH_HIERARCHY_CHANGE_AUTH,
1010  ENTITY_CHANGE_AUTH_HIERARCHY_READ,
1011  ENTITY_CHANGE_AUTH_HIERARCHY_AUTHORIZE,
1012  ENTITY_CHANGE_AUTH_SAVE_HIERARCHIES_PREPARE,
1013  ENTITY_CHANGE_AUTH_SAVE_HIERARCHIES_FINISH,
1014  ENTITY_CHANGE_AUTH_CLEANUP,
1015 
1016  DATA_ENCRYPT_WAIT_FOR_PROFILE,
1017  DATA_ENCRYPT_WAIT_FOR_SESSION,
1018  DATA_ENCRYPT_WAIT_FOR_KEY,
1019  DATA_ENCRYPT_WAIT_FOR_FLUSH,
1020  DATA_ENCRYPT_WAIT_FOR_RSA_ENCRYPTION,
1021  DATA_ENCRYPT_CLEAN,
1022 
1023  DATA_DECRYPT_WAIT_FOR_PROFILE,
1024  DATA_DECRYPT_WAIT_FOR_SESSION,
1025  DATA_DECRYPT_WAIT_FOR_KEY,
1026  DATA_DECRYPT_WAIT_FOR_FLUSH,
1027  DATA_DECRYPT_WAIT_FOR_RSA_DECRYPTION,
1028  DATA_DECRYPT_AUTHORIZE_KEY,
1029  DATA_DECRYPT_CLEANUP,
1030 
1031  PCR_EXTEND_WAIT_FOR_SESSION,
1032  PCR_EXTEND_WAIT_FOR_GET_CAP,
1033  PCR_EXTEND_READ_EVENT_LOG,
1034  PCR_EXTEND_APPEND_EVENT_LOG,
1035  PCR_EXTEND_FINISH,
1036  PCR_EXTEND_CLEANUP,
1037 
1038  PCR_READ_READ_PCR,
1039  PCR_READ_READ_EVENT_LIST,
1040 
1041  PCR_QUOTE_WAIT_FOR_GET_CAP,
1042  PCR_QUOTE_WAIT_FOR_SESSION,
1043  PCR_QUOTE_WAIT_FOR_KEY,
1044  PCR_QUOTE_AUTH_SENT,
1045  PCR_QUOTE_AUTHORIZE,
1046  PCR_QUOTE_WAIT_FOR_FLUSH,
1047  PCR_QUOTE_READ_EVENT_LIST,
1048  PCR_QUOTE_CLEANUP,
1049 
1050  PATH_SET_DESCRIPTION_READ,
1051  PATH_SET_DESCRIPTION_WRITE,
1052 
1053  PATH_GET_DESCRIPTION_READ,
1054 
1055  APP_DATA_SET_READ,
1056  APP_DATA_SET_WRITE,
1057 
1058  AUTHORIZE_NEW_CALCULATE_POLICY,
1059  AUTHORIZE_NEW_LOAD_KEY,
1060  AUTHORIZE_NEW_KEY_SIGN_POLICY,
1061  AUTHORIZE_NEW_WRITE_POLICY_PREPARE,
1062  AUTHORIZE_NEW_WRITE_POLICY,
1063  AUTHORIZE_NEW_CLEANUP,
1064 
1065  WRITE_AUTHORIZE_NV_READ_NV,
1066  WRITE_AUTHORIZE_NV_CALCULATE_POLICY,
1067  WRITE_AUTHORIZE_NV_WRITE_NV_RAM_PREPARE,
1068  WRITE_AUTHORIZE_NV_WRITE_NV_RAM,
/* "OBJCECT" is a misspelling of OBJECT; the identifier is kept unchanged. */
1069  WRITE_AUTHORIZE_NV_WRITE_OBJCECT,
1070  WRITE_AUTHORIZE_NV_WRITE_POLICY_PREPARE,
1071  WRITE_AUTHORIZE_NV_WRITE_POLICY,
1072  WRITE_AUTHORIZE_NV_CLEANUP,
1073 
1074  EXPORT_KEY_READ_PUB_KEY,
1075  EXPORT_KEY_READ_PUB_KEY_PARENT,
1076  EXPORT_KEY_WAIT_FOR_KEY,
1077  EXPORT_KEY_WAIT_FOR_DUPLICATE,
1078  EXPORT_KEY_WAIT_FOR_EXT_KEY,
/* "AUTHORIZATON" is a misspelling of AUTHORIZATION; the identifier is kept unchanged. */
1079  EXPORT_KEY_WAIT_FOR_AUTHORIZATON,
1080  EXPORT_KEY_WAIT_FOR_FLUSH1,
1081  EXPORT_KEY_WAIT_FOR_FLUSH2,
1082  EXPORT_KEY_CLEANUP,
1083 
1084  IMPORT_KEY_WRITE_POLICY,
1085  IMPORT_KEY_WRITE,
1086  IMPORT_KEY_SEARCH,
1087  IMPORT_KEY_LOAD_PARENT,
1088  IMPORT_KEY_AUTHORIZE_PARENT,
1089  IMPORT_KEY_IMPORT,
1090  IMPORT_KEY_WAIT_FOR_FLUSH,
1091  IMPORT_KEY_WRITE_OBJECT_PREPARE,
1092  IMPORT_KEY_WRITE_OBJECT,
1093  IMPORT_KEY_CLEANUP,
1094  IMPORT_WAIT_FOR_SESSION,
1095  IMPORT_WAIT_FOR_PARENT,
1096  IMPORT_WAIT_FOR_AUTHORIZATION,
1097  IMPORT_WAIT_FOR_KEY,
1098  IMPORT_WRITE,
1099  IMPORT_FLUSH_PARENT,
1100  IMPORT_FLUSH_KEY,
1101  IMPORT_CLEANUP,
1102 
1103  UNSEAL_WAIT_FOR_KEY,
1104  UNSEAL_AUTHORIZE_OBJECT,
1105  UNSEAL_WAIT_FOR_UNSEAL,
1106  UNSEAL_WAIT_FOR_FLUSH,
1107  UNSEAL_CLEANUP,
1108 
1109  GET_PLATFORM_CERTIFICATE,
1110 
1111  POLICY_EXPORT_READ_OBJECT,
1112  POLICY_EXPORT_READ_OBJECT_FINISH,
1113  POLICY_EXPORT_READ_POLICY,
1114  POLICY_EXPORT_READ_POLICY_FINISH,
1115  POLICY_EXPORT_CHECK_DIGEST,
1116  POLICY_EXPORT_COMPUTE_POLICY_DIGEST,
1117 
1118  VERIFY_QUOTE_READ,
1119 
1120  GET_INFO_GET_CAP,
1121  GET_INFO_GET_CAP_MORE,
1122  GET_INFO_WAIT_FOR_CAP
1123 };
1124 
1132  Fapi_CB_Auth auth;
1133  void *authData;
1134  Fapi_CB_Branch branch;
1135  void *branchData;
1136  Fapi_CB_Sign sign;
1137  void *signData;
1138  Fapi_CB_PolicyAction action;
1139  void *actionData;
1140 };
1141 
1151  struct IFAPI_CALLBACKS callbacks;
1152  struct IFAPI_IO io;
1153  struct IFAPI_EVENTLOG eventlog;
1154  struct IFAPI_KEYSTORE keystore;
1155  struct IFAPI_POLICY_STORE pstore;
1156  struct IFAPI_PROFILES profiles;
1157  TPMS_TIME_INFO init_time;
1159  enum _FAPI_STATE state;
1160  enum _FAPI_STATE_PRIMARY primary_state;
1161  enum _FAPI_STATE_SESSION session_state;
1162  enum _FAPI_STATE_GET_RANDOM get_random_state;
1163  enum IFAPI_HIERACHY_AUTHORIZATION_STATE hierarchy_state;
1164  enum IFAPI_HIERACHY_POLICY_AUTHORIZATION_STATE hierarchy_policy_state;
1165  enum IFAPI_GET_CERT_STATE get_cert_state;
1166  enum _FAPI_FLUSH_STATE flush_object_state;
1167  enum IFAPI_CLEANUP_STATE cleanup_state;
1168  enum IFAPI_READ_NV_PUBLIC_STATE read_nv_public_state;
1170  UINT32 nv_buffer_max;
1173  IFAPI_NV_Cmds nv_cmd;
1174  IFAPI_GetRandom get_random;
1175  IFAPI_CreatePrimary createPrimary;
1176  IFAPI_LoadKey loadKey;
1180  ESYS_TR ek_handle;
1181  ESYS_TR srk_handle;
1182  TPMI_DH_PERSISTENT ek_persistent;
1183  TPMI_DH_PERSISTENT srk_persistent;
1184  IFAPI_SESSION_TYPE session_flags;
1185  TPMA_SESSION session1_attribute_flags;
1186  TPMA_SESSION session2_attribute_flags;
1191  enum IFAPI_IO_STATE io_state;
1192  NODE_OBJECT_T *object_list;
1194  IFAPI_OBJECT *current_auth_object;
1195 };
1196 
/*
 * Vendor identifiers, each four ASCII bytes packed into a 32-bit value:
 * 0x49465800 is "IFX" followed by a zero byte, 0x494E5443 is "INTC",
 * 0x49424D20 is "IBM" followed by a space.
 * NOTE(review): presumably compared with the manufacturer value reported by
 * the TPM - confirm against the users of these macros.
 * NOTE(review): VEDNOR_IBM is misspelled (VENDOR); the name is left as is
 * because code outside this header may refer to it.
 */
1197 #define VENDOR_IFX 0x49465800
1198 #define VENDOR_INTC 0x494E5443
1199 #define VEDNOR_IBM 0x49424D20
1200 
1201 #endif /* FAPI_INT_H */
IFAPI_OBJECT * key_object
Definition: fapi_int.h:429
uint8_t * ret_signature
Definition: fapi_int.h:435
TPM2B_DIGEST digest
Definition: fapi_int.h:427
TPMT_SIG_SCHEME scheme
Definition: fapi_int.h:428
char const * padding
Definition: fapi_int.h:433
TPMT_SIGNATURE * tpm_signature
Definition: fapi_int.h:430
TPMT_SIGNATURE * signature
Definition: fapi_int.h:432
char * certificate
Definition: fapi_int.h:434
ESYS_TR handle
Definition: fapi_int.h:426
char * publicKey
Definition: fapi_int.h:437
const char * keyPath
Definition: fapi_int.h:425
TPMI_YES_NO decrypt
Definition: fapi_int.h:431
Definition: fapi_int.h:576
Definition: fapi_int.h:712
NODE_STR_T * path_list
Definition: fapi_int.h:715
Definition: fapi_int.h:89
Definition: fapi_int.h:219
UINT16 bytesRequested
Definition: fapi_int.h:226
TPML_DIGEST_VALUES digests
Definition: fapi_int.h:247
ESYS_TR esys_auth_handle
Definition: fapi_int.h:223
IFAPI_EVENT pcr_event
Definition: fapi_int.h:246
bool skip_policy_computation
Definition: fapi_int.h:248
size_t data_idx
Definition: fapi_int.h:228
char * policyPath
Definition: fapi_int.h:221
const uint8_t * data
Definition: fapi_int.h:229
json_object * jso_event_log
Definition: fapi_int.h:244
ESYS_TR esys_handle
Definition: fapi_int.h:224
size_t size
Definition: fapi_int.h:231
char * nvPath
Definition: fapi_int.h:220
TPM2B_AUTH auth
Definition: fapi_int.h:234
uint64_t bitmap
Definition: fapi_int.h:237
size_t numBytes
Definition: fapi_int.h:225
uint8_t * rdata
Definition: fapi_int.h:230
IFAPI_OBJECT auth_object
Definition: fapi_int.h:232
IFAPI_OBJECT nv_object
Definition: fapi_int.h:233
char * logData
Definition: fapi_int.h:243
TPMI_RH_NV_INDEX maxNvIndex
Definition: fapi_int.h:245
UINT16 offset
Definition: fapi_int.h:227
IFAPI_NV nv_obj
Definition: fapi_int.h:235
ESYS_TR auth_index
Definition: fapi_int.h:236
Definition: fapi_int.h:180
TPMI_YES_NO system
Definition: fapi_int.h:181
TPMI_RH_HIERARCHY hierarchy
Definition: fapi_int.h:183
char * description
Definition: fapi_int.h:184
Definition: ifapi_keystore.h:69
Definition: fapi_int.h:266
IFAPI_OBJECT * key_object
Definition: fapi_int.h:278
ESYS_TR PCR
Definition: fapi_int.h:269
TPM2B_DATA qualifyingData
Definition: fapi_int.h:282
size_t pcrListSize
Definition: fapi_int.h:281
TPML_PCR_SELECTION pcr_selection
Definition: fapi_int.h:270
TPML_DIGEST_VALUES * event_digests
Definition: fapi_int.h:268
ESYS_TR handle
Definition: fapi_int.h:277
TPML_DIGEST_VALUES digest_list
Definition: fapi_int.h:267
TPML_PCR_SELECTION * pcr_selection_out
Definition: fapi_int.h:271
const char * keyPath
Definition: fapi_int.h:276
uint32_t * pcrList
Definition: fapi_int.h:280
Definition: fapi_int.h:609
char ** pathlist
Definition: fapi_int.h:614
ESYS_TR session
Definition: fapi_int.h:624
IFAPI_POLICYUTIL_STACK * policyutil_stack
Definition: fapi_int.h:620
IFAPI_POLICY_EXEC_CTX * policy_stack
Definition: fapi_int.h:616
Definition: ifapi_policy_instantiate.h:68
Definition: ifapi_policy_execute.h:130
Definition: ifapi_policy_store.h:17
Definition: ifapi_policyutil_execute.h:26
Definition: ifapi_profiles.h:15
Definition: ifapi_profiles.h:51
Definition: fapi_int.h:306
json_object * jso
Definition: fapi_int.h:311
char * object_path
Definition: fapi_int.h:310
char * jso_string
Definition: fapi_int.h:312
IFAPI_OBJECT object
Definition: fapi_int.h:309
char * description
Definition: fapi_int.h:307
UINT8_ARY appData
Definition: fapi_int.h:308
Definition: fapi_int.h:513
char ** pathlist
Definition: fapi_int.h:522
size_t numHierarchyObjects
Definition: fapi_int.h:524
IFAPI_OBJECT hierarchy_hn
Definition: fapi_int.h:517
size_t numPaths
Definition: fapi_int.h:523
IFAPI_KEY_TEMPLATE public_templ
Definition: fapi_int.h:520
IFAPI_OBJECT hierarchy_he
Definition: fapi_int.h:516
IFAPI_OBJECT * hierarchy
Definition: fapi_int.h:518
IFAPI_OBJECT hierarchy_hs
Definition: fapi_int.h:515
IFAPI_OBJECT hierarchy_lockout
Definition: fapi_int.h:514
IFAPI_OBJECT * hierarchies
Definition: fapi_int.h:527
size_t path_idx
Definition: fapi_int.h:526
size_t hiearchy_idx
Definition: fapi_int.h:525
TPMS_POLICY * hierarchy_policy
Definition: fapi_int.h:519
Definition: fapi_int.h:442
IFAPI_OBJECT * object
Definition: fapi_int.h:444
const char * keyPath
Definition: fapi_int.h:443
Definition: fapi_int.h:504
TPMI_ALG_HASH * hash_alg
Definition: fapi_int.h:506
size_t hash_size
Definition: fapi_int.h:507
size_t digest_idx
Definition: fapi_int.h:508
const char * policyPath
Definition: fapi_int.h:505
Definition: ifapi_policy_types.h:128
Definition: ifapi_policy_types.h:291
struct TPML_POLICYELEMENTS * policy
Definition: ifapi_policy_types.h:295
Definition: fapi_types.h:15
Definition: fapi_types.h:34
Definition: fapi_types.h:24
Definition: fapi_int.h:771