tpm2-tss  master
TPM Software stack 2.0 TCG spec compliant implementation
fapi_int.h
1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3  * Copyright 2018-2019, Fraunhofer SIT sponsored by Infineon Technologies AG
4  * All rights reserved.
5  ******************************************************************************/
6 #ifndef FAPI_INT_H
7 #define FAPI_INT_H
8 
9 #include <json.h> // for json_object
10 #include <stdbool.h> // for bool, false, true
11 #include <stdint.h> // for uint8_t, uint32_t, uint64_t
12 #include <stdio.h> // for size_t, NULL
13 #include <unistd.h> // for R_OK, W_OK
14 
15 #include "fapi_types.h" // for NODE_STR_T, NODE_OBJECT_T, UIN...
16 #include "ifapi_config.h" // for IFAPI_CONFIG
17 #include "ifapi_eventlog.h" // for IFAPI_EVENT, FAPI_QUOTE_INFO
18 #include "ifapi_io.h" // for IFAPI_IO
19 #include "ifapi_keystore.h" // for IFAPI_OBJECT, IFAPI_IO_STATE
20 #include "ifapi_policy_instantiate.h" // for IFAPI_POLICY_EVAL_INST_CTX
21 #include "ifapi_policy_store.h" // for IFAPI_POLICY_STORE
22 #include "ifapi_policy_types.h" // for TPMS_POLICY, TPMS_POLICYAUTHOR...
23 #include "ifapi_profiles.h" // for IFAPI_PROFILE, IFAPI_PROFILES
24 #include "tss2_common.h" // for UINT32, UINT16, BYTE, TSS2_BAS...
25 #include "tss2_esys.h" // for ESYS_TR, ESYS_TR_NONE, ESYS_CO...
26 #include "tss2_fapi.h" // for Fapi_CB_Auth, Fapi_CB_Branch
27 #include "tss2_tpm2_types.h" // for TPM2_HANDLE, TPMS_CAPABILITY_DATA
28 #include "util/aux_util.h" // for goto_if_error, TPM2_ERROR_FORMAT
29 
30 #define DEFAULT_LOG_DIR "/run/tpm2_tss"
31 #define IFAPI_PCR_LOG_FILE "pcr.log"
32 #define IFAPI_OBJECT_TYPE ".json"
33 #define IFAPI_OBJECT_FILE "object.json"
34 #define IFAPI_SRK_KEY_PATH "/HS/SRK"
35 #define IFAPI_EK_KEY_PATH "/HE/EK"
36 #define IFAPI_HS_PATH "/HS"
37 #define IFAPI_HE_PATH "/HE"
38 #define IFAPI_HN_PATH "/HN"
39 #define IFAPI_LOCKOUT_PATH "/LOCKOUT"
40 #define IFAPI_SRK_OBJECT_PATH "/HS/SRK/object.json"
41 #define IFAPI_HS_OBJECT_PATH "/HS/object.json"
42 
43 typedef UINT32 TSS2_KEY_TYPE;
44 #define TSS2_SRK 2
45 #define TSS2_EK 3
46 #define MIN_EK_CERT_HANDLE 0x1c00000
47 #define MIN_PLATFORM_CERT_HANDLE 0x01C08000
48 #define MAX_PLATFORM_CERT_HANDLE 0x01C0FFFF
49 
50 typedef UINT8 IFAPI_SESSION_TYPE;
51 #define IFAPI_SESSION_GEN_SRK 0x01
52 #define IFAPI_SESSION1 0x02
53 #define IFAPI_SESSION2 0x04
54 #define IFAPI_SESSION_USE_SRK 0x08
55 
56 #define IFAPI_POLICY_PATH "policy"
57 #define IFAPI_NV_PATH "nv"
58 #define IFAPI_EXT_PATH "ext"
59 #define IFAPI_FILE_DELIM "/"
60 #define IFAPI_LIST_DELIM ":"
61 #define IFAPI_FILE_DELIM_CHAR '/'
62 #define IFAPI_PUB_KEY_DIR "ext"
63 #define IFAPI_POLICY_DIR "policy"
64 #define IFAPI_PEM_PUBLIC_STRING "-----BEGIN PUBLIC KEY-----"
65 #define IFAPI_PEM_PRIVATE_KEY "-----BEGIN PRIVATE KEY-----"
66 #define IFAPI_PEM_RSA_PRIVATE_KEY "-----BEGIN RSA PRIVATE KEY-----"
67 #define IFAPI_PEM_ECC_PRIVATE_KEY "-----BEGIN EC PRIVATE KEY-----"
68 #define IFAPI_JSON_TAG_POLICY "policy"
69 #define IFAPI_JSON_TAG_OBJECT_TYPE "objectType"
70 #define IFAPI_JSON_TAG_DUPLICATE "public_parent"
71 
72 #define FAPI_WRITE W_OK
73 #define FAPI_READ R_OK
74 
75 #if TPM2_MAX_NV_BUFFER_SIZE > TPM2_MAX_DIGEST_BUFFER
76 #define IFAPI_MAX_BUFFER_SIZE TPM2_MAX_NV_BUFFER_SIZE
77 #else
78 #define IFAPI_MAX_BUFFER_SIZE TPM2_MAX_DIGEST_BUFFER
79 #endif
80 
81 #define IFAPI_FLUSH_PARENT true
82 #define IFAPI_NOT_FLUSH_PARENT false
83 
84 #ifndef MAX
85 #define MAX(a, b) ((a) > (b) ? (a) : (b))
86 #endif
87 
88 /* Definition of FAPI buffer for TPM2B transmission */
89 typedef struct {
90  UINT16 size;
91  BYTE buffer[IFAPI_MAX_BUFFER_SIZE];
92 } IFAPI_MAX_BUFFER;
93 
94 #define OSSL_FREE(S, TYPE) \
95  if ((S) != NULL) { \
96  TYPE##_free((void *)(S)); \
97  (S) = NULL; \
98  }
99 
100 #define FAPI_COPY_DIGEST(dest_buffer, dest_size, src, src_size) \
101  if ((src_size) > sizeof(TPMU_HA)) { \
102  return_error(TSS2_FAPI_RC_BAD_VALUE, "Digest size too large."); \
103  } \
104  memcpy(dest_buffer, (src), (src_size)); \
105  (dest_size) = src_size
106 
107 #define HASH_UPDATE(CONTEXT, TYPE, OBJECT, R, LABEL) \
108  { \
109  uint8_t buffer[sizeof(TYPE)]; \
110  size_t offset = 0; \
111  (R) = Tss2_MU_##TYPE##_Marshal(OBJECT, &buffer[0], sizeof(TYPE), &offset); \
112  goto_if_error(R, "Marshal for hash update", LABEL); \
113  (R) = ifapi_crypto_hash_update(CONTEXT, (const uint8_t *)&buffer[0], offset); \
114  goto_if_error(R, "crypto hash update", LABEL); \
115  }
116 
117 #define HASH_UPDATE_BUFFER(CONTEXT, BUFFER, SIZE, R, LABEL) \
118  R = ifapi_crypto_hash_update(CONTEXT, (const uint8_t *)(BUFFER), SIZE); \
119  goto_if_error(R, "crypto hash update", LABEL);
120 
121 #define FAPI_SYNC(r, msg, label, ...) \
122  if (base_rc(r) == TSS2_BASE_RC_TRY_AGAIN) \
123  return TSS2_FAPI_RC_TRY_AGAIN; \
124  if (r != TSS2_RC_SUCCESS) { \
125  LOG_ERROR(TPM2_ERROR_FORMAT " " msg, TPM2_ERROR_TEXT(r), ##__VA_ARGS__); \
126  goto label; \
127  }
128 
129 #define ENC_SESSION_IF_POLICY(auth_session) \
130  ((auth_session) == ESYS_TR_PASSWORD || (auth_session) == ESYS_TR_NONE \
131  || (auth_session) == context->session2 || !context->session2) \
132  ? ESYS_TR_NONE \
133  : context->session2
134 
136 enum IFAPI_GET_CERT_STATE {
137  GET_CERT_INIT = 0,
138  GET_CERT_WAIT_FOR_GET_CAP,
139  GET_CERT_GET_CERT_NV,
140  GET_CERT_GET_CERT_NV_FINISH,
141  GET_CERT_GET_CERT_READ_PUBLIC,
142  GET_CERT_GET_CERT_READ_HIERARCHY,
143  GET_CERT_READ_CERT
144 };
145 
147 enum IFAPI_CLEANUP_STATE { CLEANUP_INIT = 0, CLEANUP_SESSION1, CLEANUP_SESSION2, CLEANUP_SRK };
148 
150 enum IFAPI_READ_NV_PUBLIC_STATE {
151  READ_NV_PUBLIC_INIT = 0,
152  READ_NV_PUBLIC_GET_ESYS_TR,
153  READ_NV_PUBLIC_GET_PUBLIC
154 };
155 
157 enum IFAPI_CHECK_NV_STATE {
158  CHECK_NV_INIT = 0,
159  CHECK_NV_WAIT_FOR_GET_CAP,
160  CHECK_NV_GET_ESYS_HANDLE,
161  CHECK_NV_WAIT_FOR_READ_PUBLIC
162 };
163 
164 #define IFAPI_MAX_CAP_INFO 17
165 
166 typedef struct {
167  char *description;
168  TPMS_CAPABILITY_DATA *capability;
169 } IFAPI_CAP_INFO;
170 
171 typedef struct {
172  char *fapi_version;
173  IFAPI_CONFIG fapi_config;
174  IFAPI_CAP_INFO cap[IFAPI_MAX_CAP_INFO];
175 } IFAPI_INFO;
176 
179 typedef struct {
180  TPMI_YES_NO system;
182  TPMI_YES_NO persistent;
183  UINT32 persistent_handle;
184  TPM2B_PUBLIC public;
185  UINT16 unique_zero;
186  bool unique_rsa_set;
187  bool unique_ecc_set;
188 } IFAPI_KEY_TEMPLATE;
189 
192 typedef struct {
193  TPMI_YES_NO system;
195  TPMI_RH_HIERARCHY hierarchy;
196  char *description;
197  TPMS_NV_PUBLIC public;
198 } IFAPI_NV_TEMPLATE;
199 
201 enum FAPI_STATE_NV_READ {
202  NV_READ_INIT = 0,
203  NV_READ_AUTHORIZE,
204  NV_READ_AUTHORIZE2,
205  NV_READ_AUTH_SENT,
206  NV_READ_CHECK_HANDLE,
207  NV_READ_GET_CAPABILITY,
208  NV_READ_GET_ESYS_HANDLE,
209  NV_READ_GET_NV_PUBLIC,
210  NV_READ_WRITE_CHANGED_OBJECT
211 };
212 
214 enum FAPI_STATE_NV_WRITE {
215  NV2_WRITE_INIT = 0,
216  NV2_WRITE_READ,
217  NV2_WRITE_WAIT_FOR_SESSSION,
218  NV2_WRITE_NULL_AUTH_SENT,
219  NV2_WRITE_AUTH_SENT,
220  NV2_WRITE_WRITE_PREPARE,
221  NV2_WRITE_WRITE,
222  NV2_WRITE_AUTHORIZE,
223  NV2_WRITE_AUTHORIZE2
224 };
225 
228 typedef struct {
229  char *nvPath;
230  char *policyPath;
231  TPM2B_NV_PUBLIC public;
232  ESYS_TR esys_auth_handle;
233  ESYS_TR esys_handle;
234  TPM2_HANDLE tpm_handle;
235  size_t numBytes;
236  UINT16 bytesRequested;
237  UINT16 offset;
238  size_t data_idx;
239  const uint8_t *data;
240  uint8_t *nv_buffer;
241  uint8_t *rdata;
242  size_t size;
243  IFAPI_OBJECT auth_object;
244  IFAPI_OBJECT nv_object;
245  TPM2B_AUTH auth;
246  IFAPI_NV nv_obj;
247  ESYS_TR auth_index;
248  ESYS_TR auth_session;
249  uint64_t bitmap;
250  IFAPI_NV_TEMPLATE public_templ;
252  enum FAPI_STATE_NV_READ nv_read_state;
253  enum FAPI_STATE_NV_WRITE nv_write_state;
254  uint8_t *write_data;
255  char *logData;
256  json_object *jso_event_log;
257  TPMI_RH_NV_INDEX maxNvIndex;
258  IFAPI_EVENT pcr_event;
259  TPML_DIGEST_VALUES digests;
260  bool skip_policy_computation;
261  enum IFAPI_CHECK_NV_STATE nv_check;
262  TPMS_CAPABILITY_DATA *capability; /* TPM capability data to check nv index */
263 } IFAPI_NV_Cmds;
264 
267 typedef struct {
268  TPMS_CAPABILITY_DATA *capability; /* TPM capability data to check available algs */
269  char **pathlist;
270  size_t numPaths;
271  size_t numNullPrimaries;
273  size_t primary_idx;
274  UINT32 nv_cap_idx;
275  size_t path_idx;
276  IFAPI_OBJECT *null_primaries;
277 } IFAPI_INITIALIZE;
278 
280 enum FAPI_NV_CREATE {
281  CREATE_NV_CHECK_NV_OBJECTS_INIT = 0,
282  CREATE_NV_CHECK_NV_OBJECTS,
283  CREATE_NV_READ_NV_OBJECT,
284  CREATE_NV_GET_TPM_NV_HANDLES,
285  CREATE_NV_GET_TPM_NV_HANDLES2,
286  CREATE_NV_CHECK_NV_INDEX,
287  CREATE_NV_NV_GET_ESYS_HANDLE,
288  CREATE_NV_NV_WAIT_FOR_READ_PUBLIC,
289  CREATE_NV_WRITE
290 };
291 
294 typedef struct {
295  enum FAPI_NV_CREATE state;
296  TPMS_CAPABILITY_DATA *capability;
297  char **pathlist;
298  size_t numPaths;
299  UINT32 nv_cap_idx;
300  size_t path_idx;
301  TPMI_RH_NV_INDEX *nv_idx_list;
302  TPMI_YES_NO more_data;
303  TPM2_HANDLE nv_index;
304  ESYS_TR esys_nv_handle;
305  IFAPI_OBJECT nv_object;
306  char *path;
307 } IFAPI_CREATE_NV;
308 
311 typedef struct {
312  TPML_DIGEST_VALUES digest_list;
313  TPML_DIGEST_VALUES *event_digests;
314  ESYS_TR PCR;
315  TPML_PCR_SELECTION pcr_selection;
316  TPML_PCR_SELECTION *pcr_selection_out;
317  UINT32 update_count;
318  TPML_DIGEST *pcrValues; /* The values returned by PCR_Read */
319  TPM2_HANDLE pcrIndex;
320  TPMI_ALG_HASH hashAlg;
321  const char *keyPath;
322  ESYS_TR handle;
323  IFAPI_OBJECT *key_object;
324  TPMS_CAPABILITY_DATA *capabilityData; /* TPM capability data to check available algs */
325  uint32_t *pcrList;
326  size_t pcrListSize;
327  TPM2B_DATA qualifyingData;
328  uint8_t const *eventData;
329  TPM2B_EVENT event;
330  size_t eventDataSize;
331  uint32_t const *hashAlgs;
332  uint32_t *hashAlgs2;
333  size_t numHashAlgs;
334  char const *quoteInfo;
335  char *certificate;
336  TPM2B_ATTEST *tpm_quoted;
337  TPMT_SIGNATURE *tpm_signature;
338  uint8_t *signature;
339  size_t signatureSize;
340  char const *logData;
341  char *pcrLog;
342  IFAPI_EVENT pcr_event;
343  json_object *event_list;
344  FAPI_QUOTE_INFO fapi_quote_info;
345  uint8_t *pcrValue;
346  size_t pcrValueSize;
347  char *event_log_file;
348 } IFAPI_PCR;
349 
352 typedef struct {
353  char *description;
354  UINT8_ARY appData;
355  IFAPI_OBJECT object;
356  char *object_path;
357  json_object *jso;
358  char *jso_string;
359 } IFAPI_Path_SetDescription;
360 
363 typedef struct {
364  size_t numBytes;
365  size_t idx;
366  UINT16 bytesRequested;
367  uint8_t *data;
368  uint8_t *ret_data;
369 } IFAPI_GetRandom;
370 
373 typedef struct {
374  const char *pem_cert;
375  char *pem_cert_dup;
376  const char *key_path;
377  NODE_STR_T *path_list;
378  IFAPI_OBJECT key_object;
379 } IFAPI_Key_SetCertificate;
380 
382 enum IFAPI_KEY_CREATE_STATE {
383  KEY_CREATE_INIT = 0,
384  KEY_CREATE_WAIT_FOR_SESSION,
385  KEY_CREATE_WAIT_FOR_PARENT,
386  KEY_CREATE_AUTH_SENT,
387  KEY_CREATE_WAIT_FOR_LOAD_AUTHORIZATION,
388  KEY_CREATE_WAIT_FOR_KEY,
389  KEY_CREATE_WAIT_FOR_HIERARCHY,
390  KEY_CREATE_AUTHORIZE_HIERARCHY,
391  KEY_CREATE_WAIT_FOR_EVICT_CONTROL,
392  KEY_CREATE_WRITE_PREPARE,
393  KEY_CREATE_WRITE,
394  KEY_CREATE_FLUSH1,
395  KEY_CREATE_FLUSH2,
396  KEY_CREATE_CALCULATE_POLICY,
397  KEY_CREATE_PRIMARY_CALCULATE_POLICY,
398  KEY_CREATE_WAIT_FOR_AUTHORIZATION,
399  KEY_CREATE_CLEANUP,
400  KEY_CREATE_WAIT_FOR_RANDOM,
401  KEY_CREATE_PRIMARY_INIT,
402  KEY_CREATE_PRIMARY_WAIT_FOR_SESSION,
403  KEY_CREATE_PRIMARY_WAIT_FOR_HIERARCHY,
404  KEY_CREATE_PRIMARY_WAIT_FOR_AUTHORIZE1,
405  KEY_CREATE_PRIMARY_WAIT_FOR_AUTHORIZE2,
406  KEY_CREATE_PRIMARY_WAIT_FOR_PRIMARY,
407  KEY_CREATE_PRIMARY_WAIT_FOR_EVICT_CONTROL,
408  KEY_CREATE_PRIMARY_FLUSH,
409  KEY_CREATE_PRIMARY_WRITE_PREPARE,
410  KEY_CREATE_PRIMARY_WRITE,
411  KEY_CREATE_PRIMARY_CLEANUP
412 };
413 
416 typedef struct {
417  enum IFAPI_KEY_CREATE_STATE state;
418  const char *keyPath;
419  NODE_STR_T *path_list;
420  IFAPI_OBJECT parent;
421  IFAPI_OBJECT object;
422  IFAPI_KEY_TEMPLATE public_templ;
423  TPM2B_PUBLIC public;
424  IFAPI_OBJECT hierarchy;
425  TPM2B_SENSITIVE_CREATE inSensitive;
426  TPM2B_DATA outsideInfo;
427  TPML_PCR_SELECTION creationPCR;
428  ESYS_TR handle;
429  const char *authValue;
430  const char *policyPath;
431  const IFAPI_PROFILE *profile;
432  bool gen_sensitive_random;
434 } IFAPI_Key_Create;
435 
438 typedef struct {
439  char const *keyPath;
440  uint8_t const *in_data;
441  size_t in_dataSize;
442  IFAPI_OBJECT *key_object;
443  ESYS_TR key_handle;
444  size_t numBytes;
445  size_t decrypt;
446  UINT16 bytesRequested;
447  TPMT_RSA_DECRYPT rsa_scheme;
448  ESYS_TR object_handle;
449  char *policy_path;
450  ESYS_TR auth_session;
451  const IFAPI_PROFILE *profile;
452  uint8_t *plainText;
453  size_t plainTextSize;
454  uint8_t *cipherText;
455  size_t cipherTextSize;
456 } IFAPI_Data_EncryptDecrypt;
457 
459 enum FAPI_SIGN_STATE {
460  SIGN_INIT = 0,
461  SIGN_WAIT_FOR_SESSION,
462  SIGN_WAIT_FOR_KEY,
463  SIGN_AUTH_SENT,
464  SIGN_WAIT_FOR_FLUSH
465 };
466 
469 typedef struct {
470  enum FAPI_SIGN_STATE state;
471  const char *keyPath;
472  ESYS_TR handle;
473  TPM2B_DIGEST digest;
474  uint8_t *data;
475  size_t data_size;
476  size_t offset;
477  size_t chunk;
478  TPMT_SIG_SCHEME scheme;
479  IFAPI_OBJECT *key_object;
480  TPMT_SIGNATURE *tpm_signature;
481  TPMI_YES_NO decrypt;
482  TPMT_SIGNATURE *signature;
483  char const *padding;
484  char *certificate;
485  uint8_t *ret_signature;
486  size_t signatureSize;
487  char *publicKey;
488  TPMT_TK_HASHCHECK *validation;
489  ESYS_TR sequence_handle;
490 } IFAPI_Key_Sign;
491 
494 typedef struct {
495  const char *keyPath;
496  IFAPI_OBJECT *object;
497  TPM2B_SENSITIVE_DATA *unseal_data;
498 } IFAPI_Unseal;
499 
502 typedef struct {
503  TPMS_CAPABILITY_DATA *capability_data;
504  TPMS_CAPABILITY_DATA *fetched_data;
505  size_t idx_info_cap;
506  IFAPI_INFO info_obj;
507  UINT32 property_count;
508  UINT32 property;
509 } IFAPI_GetInfo;
510 
512 enum IFAPI_HIERACHY_AUTHORIZATION_STATE {
513  HIERARCHY_CHANGE_AUTH_INIT = 0,
514  HIERARCHY_CHANGE_AUTH_NULL_AUTH_SENT,
515  HIERARCHY_CHANGE_AUTH_AUTH_SENT
516 };
517 
519 enum IFAPI_HIERACHY_POLICY_AUTHORIZATION_STATE {
520  HIERARCHY_CHANGE_POLICY_INIT = 0,
521  HIERARCHY_CHANGE_POLICY_NULL_AUTH_SENT,
522  HIERARCHY_CHANGE_POLICY_AUTHORIZE,
523  HIERARCHY_CHANGE_POLICY_AUTH_SENT
524 };
525 
528 typedef struct {
529  const char *entityPath;
530  ESYS_TR handle;
531  IFAPI_OBJECT *key_object;
532  const char *authValue;
533  TPM2B_AUTH newAuthValue;
534  TPM2B_PRIVATE *newPrivate;
535  IFAPI_OBJECT object;
536  IFAPI_OBJECT hiearchy_object;
537  ESYS_TR nv_index;
538  ESYS_TR hierarchy_handle;
539  char **pathlist;
540  size_t numPaths;
541  size_t numPathsCleanup;
542 } IFAPI_Entity_ChangeAuth;
543 
546 typedef struct {
547  const char *policyPath;
548  const char *signingKeyPath;
549  TPM2B_DIGEST policyRef;
550  TPMS_POLICYAUTHORIZATION authorization;
551 } IFAPI_Fapi_AuthorizePolicy;
552 
555 typedef struct {
556  const char *policyPath;
557  TPMI_ALG_HASH *hash_alg;
558  size_t hash_size;
559  size_t digest_idx;
560 } IFAPI_api_WriteAuthorizeNv;
561 
564 typedef struct {
565  IFAPI_OBJECT hierarchy_lockout;
566  IFAPI_OBJECT hierarchy_hs;
567  IFAPI_OBJECT hierarchy_he;
568  IFAPI_OBJECT hierarchy_hn;
569  IFAPI_OBJECT *hierarchy;
570  TPMS_POLICY *hierarchy_policy;
571  IFAPI_KEY_TEMPLATE public_templ;
572  TPM2B_PUBLIC public;
573  char **pathlist;
574  size_t numPaths;
575  size_t numHierarchyObjects;
576  size_t hiearchy_idx;
577  size_t path_idx;
578  IFAPI_OBJECT *hierarchies;
579  TPM2B_SENSITIVE_CREATE inSensitive;
580  TPM2B_DATA outsideInfo;
581  TPML_PCR_SELECTION creationPCR;
582  ESYS_TR handle;
583  const char *authValueLockout;
584  const char *authValueEh;
585  const char *policyPathEh;
586  const char *authValueSh;
587  const char *policyPathSh;
588  size_t digest_idx;
589  size_t hash_size;
590  TPM2_HANDLE cert_nv_idx;
591  TPM2B_NV_PUBLIC *nvPublic;
592  ESYS_TR esys_nv_cert_handle;
593  char *pem_cert;
594  TPM2_ALG_ID cert_key_type;
595  size_t cert_count;
596  size_t cert_idx;
597  TPMS_CAPABILITY_DATA *capabilityData;
598  IFAPI_OBJECT hierarchy_object;
599  TPM2B_AUTH hierarchy_auth;
600  TPM2B_DIGEST policy_digest;
601  char *intermed_crt;
602  char *root_crt;
603  TPMA_PERMANENT auth_state;
604  ESYS_TR srk_esys_handle;
605  ESYS_TR ek_esys_handle;
606  ESYS_TR srk_tpm_handle;
607  ESYS_TR ek_tpm_handle;
608  bool srk_exists;
609  TPM2_HANDLE template_nv_index;
610  TPM2_HANDLE nonce_nv_index;
611  bool cert_chain_exists;
612  uint8_t *certs;
613  size_t cert_list_size;
614 } IFAPI_Provision;
615 
618 typedef struct {
619  char *path;
620  IFAPI_OBJECT hierarchy;
621  IFAPI_OBJECT pkey_object;
622  TPM2B_SENSITIVE_CREATE inSensitive;
623  TPM2B_DATA outsideInfo;
624  TPML_PCR_SELECTION creationPCR;
625  ESYS_TR handle;
626  TPMI_DH_PERSISTENT persistent_handle;
627  TPMS_CAPABILITY_DATA *capabilityData;
628 } IFAPI_CreatePrimary;
629 
632 typedef struct {
633  const char *keyPath;
634  uint8_t const *signature;
635  size_t signatureSize;
636  uint8_t const *digest;
637  size_t digestSize;
638  IFAPI_OBJECT key_object;
639 } IFAPI_Key_VerifySignature;
640 
642 enum IFAPI_STATE_POLICY {
643  POLICY_INIT = 0,
644  POLICY_READ,
645  POLICY_READ_FINISH,
646  POLICY_INSTANTIATE_PREPARE,
647  POLICY_INSTANTIATE,
648  POLICY_EXECUTE_PREPARE,
649  POLICY_EXECUTE,
650  POLICY_FLUSH
651 };
652 
653 typedef struct IFAPI_POLICY_EXEC_CTX IFAPI_POLICY_EXEC_CTX;
654 typedef struct IFAPI_POLICYUTIL_STACK IFAPI_POLICYUTIL_STACK;
655 
657 enum FAPI_CREATE_SESSION_STATE { CREATE_SESSION_INIT = 0, CREATE_SESSION, WAIT_FOR_CREATE_SESSION };
658 
661 typedef struct {
662  enum IFAPI_STATE_POLICY state;
663  struct TPMS_POLICY policy;
664  size_t digest_idx;
665  size_t hash_size;
666  char **pathlist;
667  TPMI_ALG_HASH hash_alg;
668  IFAPI_POLICY_EXEC_CTX *policy_stack;
671  IFAPI_POLICYUTIL_STACK *util_current_policy;
672  IFAPI_POLICYUTIL_STACK *policyutil_stack;
676  ESYS_TR session;
678  enum FAPI_CREATE_SESSION_STATE create_session_state;
679  char *path;
680  IFAPI_POLICY_EVAL_INST_CTX eval_ctx;
681 } IFAPI_POLICY_CTX;
682 
684 enum IFAPI_STATE_FILE_SEARCH { FSEARCH_INIT = 0, FSEARCH_READ, FSEARCH_OBJECT };
685 
688 typedef struct {
689  enum IFAPI_STATE_FILE_SEARCH state;
690  char **pathlist;
691  size_t path_idx;
692  size_t numPaths;
693  char *current_path;
694 } IFAPI_FILE_SEARCH_CTX;
695 
697 enum FAPI_STATE_PREPARE_LOAD_KEY {
698  PREPARE_LOAD_KEY_INIT = 0,
699  PREPARE_LOAD_KEY_WAIT_FOR_SESSION,
700  PREPARE_LOAD_KEY_INIT_KEY,
701  PREPARE_LOAD_KEY_WAIT_FOR_KEY
702 };
703 
705 enum FAPI_STATE_LOAD_KEY {
706  LOAD_KEY_GET_PATH = 0,
707  LOAD_KEY_READ_KEY,
708  LOAD_KEY_WAIT_FOR_PRIMARY,
709  LOAD_KEY_LOAD_KEY,
710  LOAD_KEY_AUTH,
711  LOAD_KEY_AUTHORIZE
712 };
713 
716 typedef struct {
717  char const *pathOfKeyToDuplicate;
718  char const *pathToPublicKeyOfNewParent;
719  TPM2B_PUBLIC public_parent;
720  IFAPI_OBJECT *key_object;
721  IFAPI_OBJECT export_tree;
722  IFAPI_OBJECT pub_key;
723  IFAPI_OBJECT dup_key;
724  struct TPMS_POLICY policy;
725  ESYS_TR handle_ext_key;
726  char *exportedData;
727 } IFAPI_ExportKey;
728 
731 typedef struct {
732  char const *path;
734  IFAPI_OBJECT object;
735  TPMS_POLICY policy;
736  TPMI_ALG_HASH hashAlg;
737  size_t profile_idx;
738  bool compute_policy;
741 } IFAPI_ExportPolicy;
742 
745 typedef struct {
746  IFAPI_OBJECT object;
747  TPM2B_NAME parent_name;
748  IFAPI_OBJECT *parent_object;
749  IFAPI_OBJECT new_object;
750  char *parent_path;
751  char *out_path;
752  TPM2B_PRIVATE *private;
753  char *jso_string;
754  const IFAPI_PROFILE *profile;
755  IFAPI_KEY_TEMPLATE public_templ;
756  const char *ossl_priv;
757  TPM2B_SENSITIVE sensitive;
758 } IFAPI_ImportKey;
759 
762 typedef struct {
763  enum FAPI_STATE_LOAD_KEY state;
764  enum FAPI_STATE_PREPARE_LOAD_KEY prepare_state;
765  NODE_STR_T *path_list;
766  NODE_OBJECT_T *key_list;
767  IFAPI_OBJECT auth_object;
768  size_t position;
769  ESYS_TR handle;
770  ESYS_TR parent_handle;
771  bool parent_handle_persistent;
772  IFAPI_OBJECT *key_object;
773  char *key_path;
774  char const *path;
775 } IFAPI_LoadKey;
776 
779 typedef struct {
780  bool is_key;
781  bool is_persistent_key;
782  ESYS_TR new_object_handle;
783  TPM2_HANDLE permanentHandle;
784  IFAPI_OBJECT auth_object;
785  ESYS_TR auth_index;
786  char *path;
787  IFAPI_OBJECT object;
788  char **pathlist;
789  size_t numPaths;
790  size_t path_idx;
791 } IFAPI_Entity_Delete;
792 
795 typedef struct {
796  uint8_t type;
797  uint8_t *data;
798  size_t length;
799  bool is_key;
800  bool is_persistent_key;
801  ESYS_TR new_object_handle;
802  TPM2_HANDLE permanentHandle;
803  IFAPI_OBJECT auth_object;
804  ESYS_TR auth_index;
805  char *path;
806  IFAPI_OBJECT object;
807  IFAPI_OBJECT *key_object;
808 } IFAPI_GetEsysBlob;
809 
812 typedef struct {
813  const char *searchPath;
814 } IFAPI_Entities_List;
815 
821 typedef union {
822  IFAPI_Provision Provision;
823  IFAPI_Key_Create Key_Create;
824  IFAPI_Key_SetCertificate Key_SetCertificate;
825  IFAPI_Entity_ChangeAuth Entity_ChangeAuth;
826  IFAPI_Entity_Delete Entity_Delete;
827  IFAPI_GetEsysBlob GetEsysBlob;
828  IFAPI_Entities_List Entities_List;
829  IFAPI_Key_VerifySignature Key_VerifySignature;
830  IFAPI_Data_EncryptDecrypt Data_EncryptDecrypt;
831  IFAPI_PCR pcr;
832  IFAPI_INITIALIZE Initialize;
833  IFAPI_Path_SetDescription path_set_info;
834  IFAPI_Fapi_AuthorizePolicy Policy_AuthorizeNewPolicy;
835  IFAPI_api_WriteAuthorizeNv WriteAuthorizeNV;
836  IFAPI_ExportKey ExportKey;
837  IFAPI_ImportKey ImportKey;
838  IFAPI_Unseal Unseal;
839  IFAPI_GetInfo GetInfo;
840  IFAPI_ExportPolicy ExportPolicy;
841 } IFAPI_CMD_STATE;
842 
844 enum FAPI_STATE_PRIMARY {
845  PRIMARY_INIT = 0,
846  PRIMARY_READ_KEY,
847  PRIMARY_READ_HIERARCHY,
848  PRIMARY_READ_HIERARCHY_FINISH,
849  PRIMARY_AUTHORIZE_HIERARCHY,
850  PRIMARY_GET_AUTH_VALUE,
851  PRIMARY_WAIT_FOR_PRIMARY,
852  PRIMARY_HAUTH_SENT,
853  PRIMARY_CREATED,
854  PRIMARY_VERIFY_PERSISTENT,
855  PRIMARY_GET_CAP
856 };
857 
859 enum FAPI_STATE_SESSION {
860  SESSION_INIT = 0,
861  SESSION_WAIT_FOR_PRIMARY,
862  SESSION_CREATE_SESSION,
863  SESSION_WAIT_FOR_SESSION1,
864  SESSION_WAIT_FOR_SESSION2
865 };
866 
868 enum FAPI_STATE_GET_RANDOM { GET_RANDOM_INIT = 0, GET_RANDOM_SENT };
869 
871 enum FAPI_FLUSH_STATE { FLUSH_INIT = 0, WAIT_FOR_FLUSH };
872 
874 enum FAPI_STATE {
875  FAPI_STATE_INIT = 0,
878  FAPI_STATE_INTERNALERROR,
880  INITIALIZE_READ,
881  INITIALIZE_INIT_TCTI,
882  INITIALIZE_GET_CAP,
883  INITIALIZE_WAIT_FOR_CAP,
884  INITIALIZE_READ_PROFILE,
885  INITIALIZE_READ_PROFILE_INIT,
886  INITIALIZE_READ_TIME,
887  INITIALIZE_CHECK_NULL_PRIMARY,
888  INITIALIZE_READ_NULL_PRIMARY,
889  INITIALIZE_CHECK_EXISTING_NV,
890  PROVISION_WAIT_FOR_GET_CAP_AUTH_STATE,
891  PROVISION_WAIT_FOR_GET_CAP0,
892  PROVISION_WAIT_FOR_GET_CAP1,
893  PROVISION_INIT_GET_CAP2,
894  PROVISION_WAIT_FOR_GET_CAP2,
895  PROVISION_GET_CERT_NV,
896  PROVISION_GET_CERT_NV_FINISH,
897  PROVISION_GET_CERT_READ_PUBLIC,
898  PROVISION_READ_CERT,
899  PROVISION_READ_CERT_CHAIN,
900  PROVISION_PREPARE_READ_ROOT_CERT,
901  PROVISION_READ_ROOT_CERT,
902  PROVISION_PREPARE_READ_INT_CERT,
903  PROVISION_READ_INT_CERT,
904  PROVISION_INIT,
905  PROVISION_INIT_SRK,
906  PROVISION_WAIT_FOR_EK_SESSION,
907  PROVISION_WAIT_FOR_SRK_SESSION,
908  PROVISION_AUTH_EK_NO_AUTH_SENT,
909  PROVISION_AUTH_EK_AUTH_SENT,
910  PROVISION_AUTH_SRK_NO_AUTH_SENT,
911  PROVISION_AUTH_SRK_AUTH_SENT,
912  PROVISION_CLEAN_EK_SESSION,
913  PROVISION_CLEAN_SRK_SESSION,
914  PROVISION_EK_WRITE_PREPARE,
915  PROVISION_EK_WRITE,
916  PROVISION_EK_CHECK_CERT,
917  PROVISION_SRK_WRITE_PREPARE,
918  PROVISION_SRK_WRITE,
919  PROVISION_WAIT_FOR_EK_PERSISTENT,
920  PROVISION_WAIT_FOR_SRK_PERSISTENT,
921  PROVISION_CHANGE_LOCKOUT_AUTH,
922  PROVISION_CHANGE_EH_CHECK,
923  PROVISION_CHANGE_EH_AUTH,
924  PROVISION_CHANGE_SH_CHECK,
925  PROVISION_CHANGE_SH_AUTH,
926  PROVISION_EH_CHANGE_POLICY,
927  PROVISION_SH_CHANGE_POLICY,
928  PROVISION_LOCKOUT_CHANGE_POLICY,
929  PROVISION_FINISHED,
930  PROVISION_WRITE_SH,
931  PROVISION_WRITE_EH,
932  PROVISION_PREPARE_NULL,
933  PROVISION_WRITE_NULL,
934  PROVISION_WRITE_LOCKOUT,
935  PROVISION_WRITE_LOCKOUT_PARAM,
936  PROVISION_PREPARE_LOCKOUT_PARAM,
937  PROVISION_AUTHORIZE_LOCKOUT,
938  PROVISION_FLUSH_SRK,
939  PROVISION_FLUSH_EK,
940  PROVISION_CHECK_FOR_VENDOR_CERT,
941  PROVISION_GET_VENDOR,
942  PROVISION_GET_HIERARCHIES,
943  PROVISION_READ_HIERARCHIES,
944  PROVISION_READ_HIERARCHY,
945  PROVISION_WRITE_HIERARCHIES,
946  PROVISION_WRITE_HIERARCHY,
947  PROVISION_PREPARE_GET_CAP_AUTH_STATE,
948  PROVISION_SRK_GET_PERSISTENT_NAME,
949  PROVISION_CHECK_SRK_EVICT_CONTROL,
950  PROVISION_AUTHORIZE_HS_FOR_EK_EVICT,
951  PROVISION_PREPARE_EK_EVICT,
952  PROVISION_READ_EK_TEMPLATE,
953  PROVISION_READ_EK_NONCE,
954  PROVISION_CHECK_EXISTING_NV,
955 
956  KEY_CREATE,
957  KEY_CREATE_PRIMARY,
958 
959  CREATE_SEAL,
960 
961  KEY_SET_CERTIFICATE_READ,
962  KEY_SET_CERTIFICATE_WRITE,
963 
964  KEY_GET_CERTIFICATE_READ,
965 
966  GET_RANDOM_WAIT_FOR_SESSION,
967  GET_RANDOM_WAIT_FOR_RANDOM,
968  GET_RANDOM_CLEANUP,
969 
970  NV_CREATE_READ_PROFILE,
971  NV_CREATE_READ_HIERARCHY,
972  NV_CREATE_AUTHORIZE_HIERARCHY,
973  NV_CREATE_GET_INDEX,
974  NV_CREATE_FIND_INDEX,
975  NV_CREATE_WAIT_FOR_SESSION,
976 
977  NV_CREATE_AUTH_SENT,
978  NV_CREATE_WRITE,
979  NV_CREATE_CALCULATE_POLICY,
980  NV_CREATE_CHECK_EXISTING,
981  NV_CREATE_INDEX,
982  NV_CREATE_SERIALIZE,
983 
984  NV_WRITE_READ,
985  NV_WRITE_WRITE,
986  NV_WRITE_CLEANUP,
987 
988  NV_EXTEND_READ,
989  NV_EXTEND_WAIT_FOR_SESSION,
990  NV_EXTEND_AUTHORIZE,
991  NV_EXTEND_AUTH_SENT,
992  NV_EXTEND_WRITE,
993  NV_EXTEND_CLEANUP,
994 
995  NV_INCREMENT_READ,
996  NV_INCREMENT_WAIT_FOR_SESSION,
997  NV_INCREMENT_AUTHORIZE,
998  NV_INCREMENT_AUTH_SENT,
999  NV_INCREMENT_WRITE,
1000  NV_INCREMENT_CLEANUP,
1001 
1002  NV_SET_BITS_READ,
1003  NV_SET_BITS_WAIT_FOR_SESSION,
1004  NV_SET_BITS_AUTHORIZE,
1005  NV_SET_BITS_AUTH_SENT,
1006  NV_SET_BITS_WRITE,
1007  NV_SET_BITS_CLEANUP,
1008 
1009  NV_READ_READ,
1010  NV_READ_WAIT,
1011  NV_READ_WAIT_FOR_SESSION,
1012  NV_READ_CLEANUP,
1013 
1014  ENTITY_DELETE_GET_FILE,
1015  ENTITY_DELETE_READ,
1016  ENTITY_DELETE_WAIT_FOR_SESSION,
1017  ENTITY_DELETE_NULL_AUTH_SENT_FOR_KEY,
1018  ENTITY_DELETE_AUTH_SENT_FOR_KEY,
1019  ENTITY_DELETE_NULL_AUTH_SENT_FOR_NV,
1020  ENTITY_DELETE_AUTH_SENT_FOR_NV,
1021  ENTITY_DELETE_KEY,
1022  ENTITY_DELETE_KEY_WAIT_FOR_HIERARCHY,
1023  ENTITY_DELETE_KEY_WAIT_FOR_AUTHORIZATION,
1024  ENTITY_DELETE_AUTHORIZE_NV,
1025  ENTITY_DELETE_FILE,
1026  ENTITY_DELETE_POLICY,
1027  ENTITY_DELETE_REMOVE_DIRS,
1028  ENTITY_DELETE_CLEANUP,
1029  ENTITY_DELETE_READ_HIERARCHY,
1030 
1031  GET_ESYS_BLOB_GET_FILE,
1032  GET_ESYS_BLOB_READ,
1033  GET_ESYS_BLOB_NULL_AUTH_SENT_FOR_KEY,
1034  GET_ESYS_BLOB_AUTH_SENT_FOR_KEY,
1035  GET_ESYS_BLOB_NULL_AUTH_SENT_FOR_NV,
1036  GET_ESYS_BLOB_AUTH_SENT_FOR_NV,
1037  GET_ESYS_BLOB_KEY,
1038  GET_ESYS_BLOB_WAIT_FOR_KEY,
1039  GET_ESYS_BLOB_WAIT_FOR_CONTEXT_SAVE,
1040  GET_ESYS_BLOB_SERIALIZE,
1041  GET_ESYS_BLOB_FILE,
1042  GET_ESYS_BLOB_WAIT_FOR_FLUSH,
1043  GET_ESYS_BLOB_CLEANUP,
1044 
1045  ENTITY_GET_TPM_BLOBS_READ,
1046 
1047  KEY_SIGN_WAIT_FOR_KEY,
1048  KEY_SIGN_WAIT_FOR_SIGN,
1049  KEY_SIGN_CLEANUP,
1050 
1051  KEY_DIGEST_AND_SIGN_WAIT_FOR_KEY,
1052  KEY_DIGEST_AND_SIGN_WAIT_FOR_SIGN,
1053  KEY_DIGEST_AND_SIGN_COMPUTE_HASH,
1054  KEY_DIGEST_AND_SIGN_WAIT_FOR_HASH,
1055  KEY_DIGEST_AND_SIGN_WAIT_FOR_HASH_SEQUENCE_INIT,
1056  KEY_DIGEST_AND_SIGN_WAIT_FOR_HASH_UPDATE_INIT,
1057  KEY_DIGEST_AND_SIGN_WAIT_FOR_HASH_UPDTATE,
1058  KEY_DIGEST_AND_SIGN_WAIT_FOR_HASH_COMPLETE_INIT,
1059  KEY_DIGEST_AND_SIGN_WAIT_FOR_HASH_COMPLETE,
1060  KEY_DIGEST_AND_SIGN_CLEANUP,
1061 
1062  ENTITY_CHANGE_AUTH_WAIT_FOR_SESSION,
1063  ENTITY_CHANGE_AUTH_WAIT_FOR_KEY,
1064  ENTITY_CHANGE_AUTH_AUTH_SENT,
1065  ENTITY_CHANGE_AUTH_WAIT_FOR_FLUSH,
1066  ENTITY_CHANGE_AUTH_WRITE_PREPARE,
1067  ENTITY_CHANGE_AUTH_WRITE,
1068  ENTITY_CHANGE_AUTH_WAIT_FOR_KEY_AUTH,
1069  ENTITY_CHANGE_AUTH_WAIT_FOR_NV_READ,
1070  ENTITY_CHANGE_AUTH_WAIT_FOR_NV_AUTH,
1071  ENTITY_CHANGE_AUTH_WAIT_FOR_NV_CHANGE_AUTH,
1072  ENTITY_CHANGE_AUTH_HIERARCHY_CHANGE_AUTH,
1073  ENTITY_CHANGE_AUTH_HIERARCHY_READ,
1074  ENTITY_CHANGE_AUTH_HIERARCHY_AUTHORIZE,
1075  ENTITY_CHANGE_AUTH_SAVE_HIERARCHIES_PREPARE,
1076  ENTITY_CHANGE_AUTH_SAVE_HIERARCHIES_FINISH,
1077  ENTITY_CHANGE_AUTH_CLEANUP,
1078 
1079  DATA_ENCRYPT_WAIT_FOR_PROFILE,
1080  DATA_ENCRYPT_WAIT_FOR_SESSION,
1081  DATA_ENCRYPT_WAIT_FOR_KEY,
1082  DATA_ENCRYPT_WAIT_FOR_EXT_KEY,
1083  DATA_ENCRYPT_WAIT_FOR_FLUSH,
1084  DATA_ENCRYPT_WAIT_FOR_RSA_ENCRYPTION,
1085  DATA_ENCRYPT_CLEAN,
1086 
1087  DATA_DECRYPT_WAIT_FOR_PROFILE,
1088  DATA_DECRYPT_WAIT_FOR_SESSION,
1089  DATA_DECRYPT_WAIT_FOR_KEY,
1090  DATA_DECRYPT_WAIT_FOR_FLUSH,
1091  DATA_DECRYPT_WAIT_FOR_RSA_DECRYPTION,
1092  DATA_DECRYPT_AUTHORIZE_KEY,
1093  DATA_DECRYPT_CLEANUP,
1094 
1095  PCR_EXTEND_WAIT_FOR_SESSION,
1096  PCR_EXTEND_WAIT_FOR_GET_CAP,
1097  PCR_EXTEND_READ_EVENT_LOG,
1098  PCR_EXTEND_APPEND_EVENT_LOG,
1099  PCR_EXTEND_FINISH,
1100  PCR_EXTEND_CLEANUP,
1101 
1102  PCR_READ_READ_PCR,
1103  PCR_READ_READ_EVENT_LIST,
1104 
1105  PCR_QUOTE_WAIT_FOR_GET_CAP,
1106  PCR_QUOTE_WAIT_FOR_SESSION,
1107  PCR_QUOTE_WAIT_FOR_KEY,
1108  PCR_QUOTE_AUTH_SENT,
1109  PCR_QUOTE_AUTHORIZE,
1110  PCR_QUOTE_WAIT_FOR_FLUSH,
1111  PCR_QUOTE_READ_EVENT_LIST,
1112  PCR_QUOTE_CLEANUP,
1113 
1114  PATH_SET_DESCRIPTION_READ,
1115  PATH_SET_DESCRIPTION_WRITE,
1116 
1117  PATH_GET_DESCRIPTION_READ,
1118 
1119  APP_DATA_SET_READ,
1120  APP_DATA_SET_WRITE,
1121 
1122  AUTHORIZE_NEW_CALCULATE_POLICY,
1123  AUTHORIZE_NEW_LOAD_KEY,
1124  AUTHORIZE_NEW_KEY_SIGN_POLICY,
1125  AUTHORIZE_NEW_WRITE_POLICY_PREPARE,
1126  AUTHORIZE_NEW_WRITE_POLICY,
1127  AUTHORIZE_NEW_CLEANUP,
1128 
1129  WRITE_AUTHORIZE_NV_READ_NV,
1130  WRITE_AUTHORIZE_NV_CALCULATE_POLICY,
1131  WRITE_AUTHORIZE_NV_WRITE_NV_RAM_PREPARE,
1132  WRITE_AUTHORIZE_NV_WRITE_NV_RAM,
1133  WRITE_AUTHORIZE_NV_WRITE_OBJCECT,
1134  WRITE_AUTHORIZE_NV_WRITE_POLICY_PREPARE,
1135  WRITE_AUTHORIZE_NV_WRITE_POLICY,
1136  WRITE_AUTHORIZE_NV_CLEANUP,
1137 
1138  EXPORT_KEY_READ_PUB_KEY,
1139  EXPORT_KEY_READ_PUB_KEY_PARENT,
1140  EXPORT_KEY_WAIT_FOR_KEY,
1141  EXPORT_KEY_WAIT_FOR_DUPLICATE,
1142  EXPORT_KEY_WAIT_FOR_EXT_KEY,
1143  EXPORT_KEY_WAIT_FOR_AUTHORIZATON,
1144  EXPORT_KEY_WAIT_FOR_FLUSH1,
1145  EXPORT_KEY_WAIT_FOR_FLUSH2,
1146  EXPORT_KEY_CLEANUP,
1147 
1148  IMPORT_KEY_WRITE_POLICY,
1149  IMPORT_KEY_WRITE,
1150  IMPORT_KEY_SEARCH,
1151  IMPORT_KEY_LOAD_PARENT,
1152  IMPORT_KEY_AUTHORIZE_PARENT,
1153  IMPORT_KEY_IMPORT,
1154  IMPORT_KEY_WAIT_FOR_FLUSH,
1155  IMPORT_KEY_WRITE_OBJECT_PREPARE,
1156  IMPORT_KEY_WRITE_OBJECT,
1157  IMPORT_KEY_CLEANUP,
1158  IMPORT_WAIT_FOR_SESSION,
1159  IMPORT_WAIT_FOR_PARENT,
1160  IMPORT_WAIT_FOR_AUTHORIZATION,
1161  IMPORT_WAIT_FOR_KEY,
1162  IMPORT_WRITE,
1163  IMPORT_FLUSH_PARENT,
1164  IMPORT_FLUSH_KEY,
1165  IMPORT_CLEANUP,
1166 
1167  UNSEAL_WAIT_FOR_KEY,
1168  UNSEAL_AUTHORIZE_OBJECT,
1169  UNSEAL_WAIT_FOR_UNSEAL,
1170  UNSEAL_WAIT_FOR_FLUSH,
1171  UNSEAL_CLEANUP,
1172 
1173  GET_PLATFORM_CERTIFICATE,
1174 
1175  POLICY_EXPORT_READ_OBJECT,
1176  POLICY_EXPORT_READ_OBJECT_FINISH,
1177  POLICY_EXPORT_READ_POLICY,
1178  POLICY_EXPORT_READ_POLICY_FINISH,
1179  POLICY_EXPORT_CHECK_DIGEST,
1180  POLICY_EXPORT_COMPUTE_POLICY_DIGEST,
1181 
1182  VERIFY_QUOTE_READ,
1183 
1184  GET_INFO_GET_CAP,
1185  GET_INFO_GET_CAP_MORE,
1186  GET_INFO_WAIT_FOR_CAP
1187 };
1188 
1195 struct IFAPI_CALLBACKS {
1196  Fapi_CB_Auth auth;
1197  void *authData;
1198  Fapi_CB_Branch branch;
1199  void *branchData;
1200  Fapi_CB_Sign sign;
1201  void *signData;
1202  Fapi_CB_PolicyAction action;
1203  void *actionData;
1204 };
1205 
1212 struct FAPI_CONTEXT {
1213  ESYS_CONTEXT *esys;
1215  struct IFAPI_CALLBACKS callbacks;
1216  struct IFAPI_IO io;
1217  struct IFAPI_EVENTLOG eventlog;
1218  struct IFAPI_KEYSTORE keystore;
1219  struct IFAPI_POLICY_STORE pstore;
1220  struct IFAPI_PROFILES profiles;
1221  TPMS_TIME_INFO init_time;
1223  enum FAPI_STATE state;
1224  enum FAPI_STATE_PRIMARY primary_state;
1225  enum FAPI_STATE_SESSION session_state;
1226  enum FAPI_STATE_GET_RANDOM get_random_state;
1227  enum IFAPI_HIERACHY_AUTHORIZATION_STATE hierarchy_state;
1228  enum IFAPI_HIERACHY_POLICY_AUTHORIZATION_STATE hierarchy_policy_state;
1229  enum IFAPI_GET_CERT_STATE get_cert_state;
1230  enum FAPI_FLUSH_STATE flush_object_state;
1231  enum IFAPI_CLEANUP_STATE cleanup_state;
1232  enum IFAPI_READ_NV_PUBLIC_STATE read_nv_public_state;
1233  IFAPI_CONFIG config;
1234  UINT32 nv_buffer_max;
1235  IFAPI_CMD_STATE cmd;
1237  IFAPI_NV_Cmds nv_cmd;
1238  IFAPI_CREATE_NV create_nv;
1239  IFAPI_GetRandom get_random;
1240  IFAPI_CreatePrimary createPrimary;
1241  IFAPI_LoadKey loadKey;
1242  ESYS_TR session1;
1243  ESYS_TR session2;
1244  ESYS_TR policy_session;
1245  ESYS_TR ek_handle;
1246  ESYS_TR srk_handle;
1247  TPMI_DH_PERSISTENT ek_persistent;
1248  TPMI_DH_PERSISTENT srk_persistent;
1249  IFAPI_SESSION_TYPE session_flags;
1250  TPMA_SESSION session1_attribute_flags;
1251  TPMA_SESSION session2_attribute_flags;
1252  IFAPI_MAX_BUFFER aux_data;
1253  IFAPI_POLICY_CTX policy;
1254  IFAPI_FILE_SEARCH_CTX fsearch;
1255  IFAPI_Key_Sign Key_Sign;
1256  enum IFAPI_IO_STATE io_state;
1257  NODE_OBJECT_T *object_list;
1258  IFAPI_OBJECT *duplicate_key;
1259  IFAPI_OBJECT *current_auth_object;
1260 };
1261 
1262 #define VENDOR_IFX 0x49465800
1263 #define VENDOR_INTC 0x494E5443
1264 #define VEDNOR_IBM 0x49424D20
1265 #define VENDOR_AMD 0x414D4400
1266 
1267 #endif /* FAPI_INT_H */
ESYS_TR
uint32_t ESYS_TR
Definition: tss2_esys.h:16
ESYS_CONTEXT
Definition: esys_int.h:168
FAPI_CONTEXT
Definition: fapi_int.h:1212
FAPI_CONTEXT::Key_Sign
IFAPI_Key_Sign Key_Sign
Definition: fapi_int.h:1255
FAPI_CONTEXT::session_state
enum FAPI_STATE_SESSION session_state
Definition: fapi_int.h:1225
FAPI_CONTEXT::nv_buffer_max
UINT32 nv_buffer_max
Definition: fapi_int.h:1234
FAPI_CONTEXT::session2
ESYS_TR session2
Definition: fapi_int.h:1243
FAPI_CONTEXT::aux_data
IFAPI_MAX_BUFFER aux_data
Definition: fapi_int.h:1252
FAPI_CONTEXT::cmd
IFAPI_CMD_STATE cmd
Definition: fapi_int.h:1235
FAPI_CONTEXT::fsearch
IFAPI_FILE_SEARCH_CTX fsearch
Definition: fapi_int.h:1254
FAPI_CONTEXT::get_random_state
enum FAPI_STATE_GET_RANDOM get_random_state
Definition: fapi_int.h:1226
FAPI_CONTEXT::duplicate_key
IFAPI_OBJECT * duplicate_key
Definition: fapi_int.h:1258
FAPI_CONTEXT::state
enum FAPI_STATE state
Definition: fapi_int.h:1223
FAPI_CONTEXT::callbacks
struct IFAPI_CALLBACKS callbacks
Definition: fapi_int.h:1215
FAPI_CONTEXT::esys
ESYS_CONTEXT * esys
Definition: fapi_int.h:1213
FAPI_CONTEXT::config
IFAPI_CONFIG config
Definition: fapi_int.h:1233
FAPI_CONTEXT::session1
ESYS_TR session1
Definition: fapi_int.h:1242
FAPI_CONTEXT::cleanup_state
enum IFAPI_CLEANUP_STATE cleanup_state
Definition: fapi_int.h:1231
FAPI_CONTEXT::init_time
TPMS_TIME_INFO init_time
Definition: fapi_int.h:1221
FAPI_CONTEXT::primary_state
enum FAPI_STATE_PRIMARY primary_state
Definition: fapi_int.h:1224
FAPI_CONTEXT::policy_session
ESYS_TR policy_session
Definition: fapi_int.h:1244
FAPI_CONTEXT::policy
IFAPI_POLICY_CTX policy
Definition: fapi_int.h:1253
FAPI_CONTEXT::flush_object_state
enum FAPI_FLUSH_STATE flush_object_state
Definition: fapi_int.h:1230
FAPI_QUOTE_INFO
Definition: ifapi_eventlog.h:92
IFAPI_CALLBACKS
Definition: fapi_int.h:1195
IFAPI_CAP_INFO
Definition: fapi_int.h:166
IFAPI_CONFIG
Definition: ifapi_config.h:18
IFAPI_CREATE_NV
Definition: fapi_int.h:294
IFAPI_CREATE_NV::more_data
TPMI_YES_NO more_data
Definition: fapi_int.h:302
IFAPI_CREATE_NV::pathlist
char ** pathlist
Definition: fapi_int.h:297
IFAPI_CREATE_NV::nv_cap_idx
UINT32 nv_cap_idx
Definition: fapi_int.h:299
IFAPI_CREATE_NV::nv_idx_list
TPMI_RH_NV_INDEX * nv_idx_list
Definition: fapi_int.h:301
IFAPI_CREATE_NV::nv_index
TPM2_HANDLE nv_index
Definition: fapi_int.h:303
IFAPI_CREATE_NV::numPaths
size_t numPaths
Definition: fapi_int.h:298
IFAPI_CREATE_NV::path
char * path
Definition: fapi_int.h:306
IFAPI_CREATE_NV::capability
TPMS_CAPABILITY_DATA * capability
Definition: fapi_int.h:296
IFAPI_CREATE_NV::nv_object
IFAPI_OBJECT nv_object
Definition: fapi_int.h:305
IFAPI_CREATE_NV::esys_nv_handle
ESYS_TR esys_nv_handle
Definition: fapi_int.h:304
IFAPI_CREATE_NV::path_idx
size_t path_idx
Definition: fapi_int.h:300
IFAPI_CreatePrimary
Definition: fapi_int.h:618
IFAPI_CreatePrimary::hierarchy
IFAPI_OBJECT hierarchy
Definition: fapi_int.h:620
IFAPI_CreatePrimary::path
char * path
Definition: fapi_int.h:619
IFAPI_Data_EncryptDecrypt
Definition: fapi_int.h:438
IFAPI_Data_EncryptDecrypt::key_object
IFAPI_OBJECT * key_object
Definition: fapi_int.h:442
IFAPI_Data_EncryptDecrypt::keyPath
char const * keyPath
Definition: fapi_int.h:439
IFAPI_Data_EncryptDecrypt::bytesRequested
UINT16 bytesRequested
Definition: fapi_int.h:446
IFAPI_Data_EncryptDecrypt::decrypt
size_t decrypt
Definition: fapi_int.h:445
IFAPI_Data_EncryptDecrypt::key_handle
ESYS_TR key_handle
Definition: fapi_int.h:443
IFAPI_Data_EncryptDecrypt::numBytes
size_t numBytes
Definition: fapi_int.h:444
IFAPI_EVENT
Definition: ifapi_eventlog.h:80
IFAPI_EVENTLOG
Definition: ifapi_eventlog.h:104
IFAPI_Entities_List
Definition: fapi_int.h:812
IFAPI_Entities_List::searchPath
const char * searchPath
Definition: fapi_int.h:813
IFAPI_Entity_ChangeAuth
Definition: fapi_int.h:528
IFAPI_Entity_ChangeAuth::key_object
IFAPI_OBJECT * key_object
Definition: fapi_int.h:531
IFAPI_Entity_ChangeAuth::pathlist
char ** pathlist
Definition: fapi_int.h:539
IFAPI_Entity_ChangeAuth::hiearchy_object
IFAPI_OBJECT hiearchy_object
Definition: fapi_int.h:536
IFAPI_Entity_ChangeAuth::numPathsCleanup
size_t numPathsCleanup
Definition: fapi_int.h:541
IFAPI_Entity_ChangeAuth::numPaths
size_t numPaths
Definition: fapi_int.h:540
IFAPI_Entity_ChangeAuth::authValue
const char * authValue
Definition: fapi_int.h:532
IFAPI_Entity_ChangeAuth::newPrivate
TPM2B_PRIVATE * newPrivate
Definition: fapi_int.h:534
IFAPI_Entity_ChangeAuth::hierarchy_handle
ESYS_TR hierarchy_handle
Definition: fapi_int.h:538
IFAPI_Entity_ChangeAuth::object
IFAPI_OBJECT object
Definition: fapi_int.h:535
IFAPI_Entity_ChangeAuth::nv_index
ESYS_TR nv_index
Definition: fapi_int.h:537
IFAPI_Entity_ChangeAuth::handle
ESYS_TR handle
Definition: fapi_int.h:530
IFAPI_Entity_ChangeAuth::newAuthValue
TPM2B_AUTH newAuthValue
Definition: fapi_int.h:533
IFAPI_Entity_ChangeAuth::entityPath
const char * entityPath
Definition: fapi_int.h:529
IFAPI_Entity_Delete
Definition: fapi_int.h:779
IFAPI_Entity_Delete::pathlist
char ** pathlist
Definition: fapi_int.h:788
IFAPI_Entity_Delete::permanentHandle
TPM2_HANDLE permanentHandle
Definition: fapi_int.h:783
IFAPI_Entity_Delete::numPaths
size_t numPaths
Definition: fapi_int.h:789
IFAPI_Entity_Delete::path
char * path
Definition: fapi_int.h:786
IFAPI_Entity_Delete::is_key
bool is_key
Definition: fapi_int.h:780
IFAPI_Entity_Delete::object
IFAPI_OBJECT object
Definition: fapi_int.h:787
IFAPI_Entity_Delete::is_persistent_key
bool is_persistent_key
Definition: fapi_int.h:781
IFAPI_Entity_Delete::auth_object
IFAPI_OBJECT auth_object
Definition: fapi_int.h:784
IFAPI_Entity_Delete::path_idx
size_t path_idx
Definition: fapi_int.h:790
IFAPI_Entity_Delete::auth_index
ESYS_TR auth_index
Definition: fapi_int.h:785
IFAPI_ExportKey
Definition: fapi_int.h:716
IFAPI_ExportKey::key_object
IFAPI_OBJECT * key_object
Definition: fapi_int.h:720
IFAPI_ExportKey::dup_key
IFAPI_OBJECT dup_key
Definition: fapi_int.h:723
IFAPI_ExportKey::pathToPublicKeyOfNewParent
char const * pathToPublicKeyOfNewParent
Definition: fapi_int.h:718
IFAPI_ExportKey::pub_key
IFAPI_OBJECT pub_key
Definition: fapi_int.h:722
IFAPI_ExportKey::public_parent
TPM2B_PUBLIC public_parent
Definition: fapi_int.h:719
IFAPI_ExportKey::export_tree
IFAPI_OBJECT export_tree
Definition: fapi_int.h:721
IFAPI_ExportKey::pathOfKeyToDuplicate
char const * pathOfKeyToDuplicate
Definition: fapi_int.h:717
IFAPI_ExportPolicy
Definition: fapi_int.h:731
IFAPI_ExportPolicy::profile_idx
size_t profile_idx
Definition: fapi_int.h:737
IFAPI_ExportPolicy::policy
TPMS_POLICY policy
Definition: fapi_int.h:735
IFAPI_ExportPolicy::hashAlg
TPMI_ALG_HASH hashAlg
Definition: fapi_int.h:736
IFAPI_ExportPolicy::object
IFAPI_OBJECT object
Definition: fapi_int.h:734
IFAPI_ExportPolicy::compute_policy
bool compute_policy
Definition: fapi_int.h:738
IFAPI_ExportPolicy::path
char const * path
Definition: fapi_int.h:732
IFAPI_FILE_SEARCH_CTX
Definition: fapi_int.h:688
IFAPI_FILE_SEARCH_CTX::pathlist
char ** pathlist
Definition: fapi_int.h:690
IFAPI_FILE_SEARCH_CTX::numPaths
size_t numPaths
Definition: fapi_int.h:692
IFAPI_FILE_SEARCH_CTX::path_idx
size_t path_idx
Definition: fapi_int.h:691
IFAPI_Fapi_AuthorizePolicy
Definition: fapi_int.h:546
IFAPI_Fapi_AuthorizePolicy::signingKeyPath
const char * signingKeyPath
Definition: fapi_int.h:548
IFAPI_Fapi_AuthorizePolicy::policyPath
const char * policyPath
Definition: fapi_int.h:547
IFAPI_GetEsysBlob
Definition: fapi_int.h:795
IFAPI_GetEsysBlob::key_object
IFAPI_OBJECT * key_object
Definition: fapi_int.h:807
IFAPI_GetEsysBlob::permanentHandle
TPM2_HANDLE permanentHandle
Definition: fapi_int.h:802
IFAPI_GetEsysBlob::type
uint8_t type
Definition: fapi_int.h:796
IFAPI_GetEsysBlob::path
char * path
Definition: fapi_int.h:805
IFAPI_GetEsysBlob::is_key
bool is_key
Definition: fapi_int.h:799
IFAPI_GetEsysBlob::object
IFAPI_OBJECT object
Definition: fapi_int.h:806
IFAPI_GetEsysBlob::is_persistent_key
bool is_persistent_key
Definition: fapi_int.h:800
IFAPI_GetEsysBlob::auth_object
IFAPI_OBJECT auth_object
Definition: fapi_int.h:803
IFAPI_GetEsysBlob::data
uint8_t * data
Definition: fapi_int.h:797
IFAPI_GetEsysBlob::length
size_t length
Definition: fapi_int.h:798
IFAPI_GetEsysBlob::auth_index
ESYS_TR auth_index
Definition: fapi_int.h:804
IFAPI_GetInfo
Definition: fapi_int.h:502
IFAPI_GetInfo::fetched_data
TPMS_CAPABILITY_DATA * fetched_data
Definition: fapi_int.h:504
IFAPI_GetInfo::capability_data
TPMS_CAPABILITY_DATA * capability_data
Definition: fapi_int.h:503
IFAPI_GetRandom
Definition: fapi_int.h:363
IFAPI_GetRandom::bytesRequested
UINT16 bytesRequested
Definition: fapi_int.h:366
IFAPI_GetRandom::idx
size_t idx
Definition: fapi_int.h:365
IFAPI_GetRandom::ret_data
uint8_t * ret_data
Definition: fapi_int.h:368
IFAPI_GetRandom::numBytes
size_t numBytes
Definition: fapi_int.h:364
IFAPI_GetRandom::data
uint8_t * data
Definition: fapi_int.h:367
IFAPI_INFO
Definition: fapi_int.h:171
IFAPI_INFO::fapi_config
IFAPI_CONFIG fapi_config
Definition: fapi_int.h:173
IFAPI_INFO::fapi_version
char * fapi_version
Definition: fapi_int.h:172
IFAPI_INITIALIZE
Definition: fapi_int.h:267
IFAPI_INITIALIZE::pathlist
char ** pathlist
Definition: fapi_int.h:269
IFAPI_INITIALIZE::nv_cap_idx
UINT32 nv_cap_idx
Definition: fapi_int.h:274
IFAPI_INITIALIZE::null_primaries
IFAPI_OBJECT * null_primaries
Definition: fapi_int.h:276
IFAPI_INITIALIZE::numPaths
size_t numPaths
Definition: fapi_int.h:270
IFAPI_INITIALIZE::primary_idx
size_t primary_idx
Definition: fapi_int.h:273
IFAPI_INITIALIZE::path_idx
size_t path_idx
Definition: fapi_int.h:275
IFAPI_INITIALIZE::numNullPrimaries
size_t numNullPrimaries
Definition: fapi_int.h:271
IFAPI_IO
Definition: ifapi_io.h:17
IFAPI_ImportKey
Definition: fapi_int.h:745
IFAPI_ImportKey::sensitive
TPM2B_SENSITIVE sensitive
Definition: fapi_int.h:757
IFAPI_ImportKey::public_templ
IFAPI_KEY_TEMPLATE public_templ
Definition: fapi_int.h:755
IFAPI_ImportKey::ossl_priv
const char * ossl_priv
Definition: fapi_int.h:756
IFAPI_KEY_TEMPLATE
Definition: fapi_int.h:179
IFAPI_KEY_TEMPLATE::system
TPMI_YES_NO system
Definition: fapi_int.h:180
IFAPI_KEY_TEMPLATE::persistent_handle
UINT32 persistent_handle
Definition: fapi_int.h:183
IFAPI_KEY_TEMPLATE::unique_rsa_set
bool unique_rsa_set
Definition: fapi_int.h:186
IFAPI_KEY_TEMPLATE::persistent
TPMI_YES_NO persistent
Definition: fapi_int.h:182
IFAPI_KEY_TEMPLATE::unique_ecc_set
bool unique_ecc_set
Definition: fapi_int.h:187
IFAPI_KEY_TEMPLATE::unique_zero
UINT16 unique_zero
Definition: fapi_int.h:185
IFAPI_KEYSTORE
Definition: ifapi_keystore.h:125
IFAPI_Key_Create
Definition: fapi_int.h:416
IFAPI_Key_Create::hierarchy
IFAPI_OBJECT hierarchy
Definition: fapi_int.h:424
IFAPI_Key_Create::parent
IFAPI_OBJECT parent
Definition: fapi_int.h:420
IFAPI_Key_Create::gen_sensitive_random
bool gen_sensitive_random
Definition: fapi_int.h:432
IFAPI_Key_Create::public_templ
IFAPI_KEY_TEMPLATE public_templ
Definition: fapi_int.h:422
IFAPI_Key_Create::path_list
NODE_STR_T * path_list
Definition: fapi_int.h:419
IFAPI_Key_Create::object
IFAPI_OBJECT object
Definition: fapi_int.h:421
IFAPI_Key_Create::keyPath
const char * keyPath
Definition: fapi_int.h:418
IFAPI_Key_SetCertificate
Definition: fapi_int.h:373
IFAPI_Key_SetCertificate::key_path
const char * key_path
Definition: fapi_int.h:376
IFAPI_Key_SetCertificate::path_list
NODE_STR_T * path_list
Definition: fapi_int.h:377
IFAPI_Key_SetCertificate::pem_cert_dup
char * pem_cert_dup
Definition: fapi_int.h:375
IFAPI_Key_SetCertificate::pem_cert
const char * pem_cert
Definition: fapi_int.h:374
IFAPI_Key_SetCertificate::key_object
IFAPI_OBJECT key_object
Definition: fapi_int.h:378
IFAPI_Key_Sign
Definition: fapi_int.h:469
IFAPI_Key_Sign::key_object
IFAPI_OBJECT * key_object
Definition: fapi_int.h:479
IFAPI_Key_Sign::ret_signature
uint8_t * ret_signature
Definition: fapi_int.h:485
IFAPI_Key_Sign::digest
TPM2B_DIGEST digest
Definition: fapi_int.h:473
IFAPI_Key_Sign::chunk
size_t chunk
Definition: fapi_int.h:477
IFAPI_Key_Sign::scheme
TPMT_SIG_SCHEME scheme
Definition: fapi_int.h:478
IFAPI_Key_Sign::padding
char const * padding
Definition: fapi_int.h:483
IFAPI_Key_Sign::offset
size_t offset
Definition: fapi_int.h:476
IFAPI_Key_Sign::tpm_signature
TPMT_SIGNATURE * tpm_signature
Definition: fapi_int.h:480
IFAPI_Key_Sign::signature
TPMT_SIGNATURE * signature
Definition: fapi_int.h:482
IFAPI_Key_Sign::certificate
char * certificate
Definition: fapi_int.h:484
IFAPI_Key_Sign::handle
ESYS_TR handle
Definition: fapi_int.h:472
IFAPI_Key_Sign::data
uint8_t * data
Definition: fapi_int.h:474
IFAPI_Key_Sign::publicKey
char * publicKey
Definition: fapi_int.h:487
IFAPI_Key_Sign::data_size
size_t data_size
Definition: fapi_int.h:475
IFAPI_Key_Sign::keyPath
const char * keyPath
Definition: fapi_int.h:471
IFAPI_Key_Sign::sequence_handle
ESYS_TR sequence_handle
Definition: fapi_int.h:489
IFAPI_Key_Sign::decrypt
TPMI_YES_NO decrypt
Definition: fapi_int.h:481
IFAPI_Key_VerifySignature
Definition: fapi_int.h:632
IFAPI_LoadKey
Definition: fapi_int.h:762
IFAPI_LoadKey::path_list
NODE_STR_T * path_list
Definition: fapi_int.h:765
IFAPI_MAX_BUFFER
Definition: fapi_int.h:89
IFAPI_NV_Cmds
Definition: fapi_int.h:228
IFAPI_NV_Cmds::bytesRequested
UINT16 bytesRequested
Definition: fapi_int.h:236
IFAPI_NV_Cmds::digests
TPML_DIGEST_VALUES digests
Definition: fapi_int.h:259
IFAPI_NV_Cmds::esys_auth_handle
ESYS_TR esys_auth_handle
Definition: fapi_int.h:232
IFAPI_NV_Cmds::pcr_event
IFAPI_EVENT pcr_event
Definition: fapi_int.h:258
IFAPI_NV_Cmds::data_idx
size_t data_idx
Definition: fapi_int.h:238
IFAPI_NV_Cmds::nv_buffer
uint8_t * nv_buffer
Definition: fapi_int.h:240
IFAPI_NV_Cmds::policyPath
char * policyPath
Definition: fapi_int.h:230
IFAPI_NV_Cmds::data
const uint8_t * data
Definition: fapi_int.h:239
IFAPI_NV_Cmds::jso_event_log
json_object * jso_event_log
Definition: fapi_int.h:256
IFAPI_NV_Cmds::auth_session
ESYS_TR auth_session
Definition: fapi_int.h:248
IFAPI_NV_Cmds::esys_handle
ESYS_TR esys_handle
Definition: fapi_int.h:233
IFAPI_NV_Cmds::size
size_t size
Definition: fapi_int.h:242
IFAPI_NV_Cmds::nvPath
char * nvPath
Definition: fapi_int.h:229
IFAPI_NV_Cmds::auth
TPM2B_AUTH auth
Definition: fapi_int.h:245
IFAPI_NV_Cmds::bitmap
uint64_t bitmap
Definition: fapi_int.h:249
IFAPI_NV_Cmds::numBytes
size_t numBytes
Definition: fapi_int.h:235
IFAPI_NV_Cmds::rdata
uint8_t * rdata
Definition: fapi_int.h:241
IFAPI_NV_Cmds::auth_object
IFAPI_OBJECT auth_object
Definition: fapi_int.h:243
IFAPI_NV_Cmds::nv_object
IFAPI_OBJECT nv_object
Definition: fapi_int.h:244
IFAPI_NV_Cmds::logData
char * logData
Definition: fapi_int.h:255
IFAPI_NV_Cmds::maxNvIndex
TPMI_RH_NV_INDEX maxNvIndex
Definition: fapi_int.h:257
IFAPI_NV_Cmds::offset
UINT16 offset
Definition: fapi_int.h:237
IFAPI_NV_Cmds::tpm_handle
TPM2_HANDLE tpm_handle
Definition: fapi_int.h:234
IFAPI_NV_Cmds::nv_obj
IFAPI_NV nv_obj
Definition: fapi_int.h:246
IFAPI_NV_Cmds::auth_index
ESYS_TR auth_index
Definition: fapi_int.h:247
IFAPI_NV_TEMPLATE
Definition: fapi_int.h:192
IFAPI_NV_TEMPLATE::system
TPMI_YES_NO system
Definition: fapi_int.h:193
IFAPI_NV_TEMPLATE::hierarchy
TPMI_RH_HIERARCHY hierarchy
Definition: fapi_int.h:195
IFAPI_NV_TEMPLATE::description
char * description
Definition: fapi_int.h:196
IFAPI_NV
Definition: ifapi_keystore.h:80
IFAPI_OBJECT
Definition: ifapi_keystore.h:153
IFAPI_PCR
Definition: fapi_int.h:311
IFAPI_PCR::key_object
IFAPI_OBJECT * key_object
Definition: fapi_int.h:323
IFAPI_PCR::PCR
ESYS_TR PCR
Definition: fapi_int.h:314
IFAPI_PCR::qualifyingData
TPM2B_DATA qualifyingData
Definition: fapi_int.h:327
IFAPI_PCR::pcrListSize
size_t pcrListSize
Definition: fapi_int.h:326
IFAPI_PCR::pcr_selection
TPML_PCR_SELECTION pcr_selection
Definition: fapi_int.h:315
IFAPI_PCR::event_digests
TPML_DIGEST_VALUES * event_digests
Definition: fapi_int.h:313
IFAPI_PCR::handle
ESYS_TR handle
Definition: fapi_int.h:322
IFAPI_PCR::digest_list
TPML_DIGEST_VALUES digest_list
Definition: fapi_int.h:312
IFAPI_PCR::pcr_selection_out
TPML_PCR_SELECTION * pcr_selection_out
Definition: fapi_int.h:316
IFAPI_PCR::keyPath
const char * keyPath
Definition: fapi_int.h:321
IFAPI_PCR::pcrList
uint32_t * pcrList
Definition: fapi_int.h:325
IFAPI_POLICY_CTX
Definition: fapi_int.h:661
IFAPI_POLICY_CTX::pathlist
char ** pathlist
Definition: fapi_int.h:666
IFAPI_POLICY_CTX::session
ESYS_TR session
Definition: fapi_int.h:676
IFAPI_POLICY_CTX::policyutil_stack
IFAPI_POLICYUTIL_STACK * policyutil_stack
Definition: fapi_int.h:672
IFAPI_POLICY_CTX::policy_stack
IFAPI_POLICY_EXEC_CTX * policy_stack
Definition: fapi_int.h:668
IFAPI_POLICY_EVAL_INST_CTX
Definition: ifapi_policy_instantiate.h:19
IFAPI_POLICY_EXEC_CTX
Definition: ifapi_policy_execute.h:67
IFAPI_POLICY_STORE
Definition: ifapi_policy_store.h:14
IFAPI_POLICYUTIL_STACK
Definition: ifapi_policyutil_execute.h:23
IFAPI_PROFILE
Definition: ifapi_profiles.h:19
IFAPI_PROFILES
Definition: ifapi_profiles.h:56
IFAPI_Path_SetDescription
Definition: fapi_int.h:352
IFAPI_Path_SetDescription::jso
json_object * jso
Definition: fapi_int.h:357
IFAPI_Path_SetDescription::object_path
char * object_path
Definition: fapi_int.h:356
IFAPI_Path_SetDescription::jso_string
char * jso_string
Definition: fapi_int.h:358
IFAPI_Path_SetDescription::object
IFAPI_OBJECT object
Definition: fapi_int.h:355
IFAPI_Path_SetDescription::description
char * description
Definition: fapi_int.h:353
IFAPI_Path_SetDescription::appData
UINT8_ARY appData
Definition: fapi_int.h:354
IFAPI_Provision
Definition: fapi_int.h:564
IFAPI_Provision::pathlist
char ** pathlist
Definition: fapi_int.h:573
IFAPI_Provision::numHierarchyObjects
size_t numHierarchyObjects
Definition: fapi_int.h:575
IFAPI_Provision::hierarchy_hn
IFAPI_OBJECT hierarchy_hn
Definition: fapi_int.h:568
IFAPI_Provision::numPaths
size_t numPaths
Definition: fapi_int.h:574
IFAPI_Provision::public_templ
IFAPI_KEY_TEMPLATE public_templ
Definition: fapi_int.h:571
IFAPI_Provision::hierarchy_he
IFAPI_OBJECT hierarchy_he
Definition: fapi_int.h:567
IFAPI_Provision::hierarchy
IFAPI_OBJECT * hierarchy
Definition: fapi_int.h:569
IFAPI_Provision::hierarchy_hs
IFAPI_OBJECT hierarchy_hs
Definition: fapi_int.h:566
IFAPI_Provision::hierarchy_lockout
IFAPI_OBJECT hierarchy_lockout
Definition: fapi_int.h:565
IFAPI_Provision::hierarchies
IFAPI_OBJECT * hierarchies
Definition: fapi_int.h:578
IFAPI_Provision::path_idx
size_t path_idx
Definition: fapi_int.h:577
IFAPI_Provision::hiearchy_idx
size_t hiearchy_idx
Definition: fapi_int.h:576
IFAPI_Provision::hierarchy_policy
TPMS_POLICY * hierarchy_policy
Definition: fapi_int.h:570
IFAPI_Unseal
Definition: fapi_int.h:494
IFAPI_Unseal::object
IFAPI_OBJECT * object
Definition: fapi_int.h:496
IFAPI_Unseal::keyPath
const char * keyPath
Definition: fapi_int.h:495
IFAPI_api_WriteAuthorizeNv
Definition: fapi_int.h:555
IFAPI_api_WriteAuthorizeNv::hash_alg
TPMI_ALG_HASH * hash_alg
Definition: fapi_int.h:557
IFAPI_api_WriteAuthorizeNv::hash_size
size_t hash_size
Definition: fapi_int.h:558
IFAPI_api_WriteAuthorizeNv::digest_idx
size_t digest_idx
Definition: fapi_int.h:559
IFAPI_api_WriteAuthorizeNv::policyPath
const char * policyPath
Definition: fapi_int.h:556
TPMS_POLICYAUTHORIZATION
Definition: ifapi_policy_types.h:133
TPMS_POLICY
Definition: ifapi_policy_types.h:281
TPMS_POLICY::policy
struct TPML_POLICYELEMENTS * policy
Definition: ifapi_policy_types.h:285
UINT8_ARY
Definition: fapi_types.h:15
object_node
Definition: fapi_types.h:34
str_node
Definition: fapi_types.h:24
IFAPI_CMD_STATE
Definition: fapi_int.h:821