int activateCredential()
{
UINT32 rval;
TPM2B_DIGEST certInfoData;
printf("\nACTIVATE CREDENTIAL TESTS:\n");
cmdAuth.sessionHandle = TPM_RS_PW;
cmdAuth2.sessionHandle = TPM_RS_PW;
*((UINT8 *)((void *)&cmdAuth.sessionAttributes)) = 0;
*((UINT8 *)((void *)&cmdAuth2.sessionAttributes)) = 0;
TPMS_AUTH_COMMAND *cmdSessionArray[2] = { &cmdAuth, &cmdAuth2 };
TSS2_SYS_CMD_AUTHS cmdAuthArray = { 2, &cmdSessionArray[0] };
rval = Tss2_Sys_ActivateCredential(sysContext,activateHandle ,keyHandle , &cmdAuthArray, &credentialBlob, &secret, &certInfoData, 0);
if(rval != TPM_RC_SUCCESS)
{
printf("\n......ActivateCredential failed. TPM Error:0x%x......\n", rval);
return -1;
}
printf("\nActivate Credential succ.\n");
printf("\nCertInfoData :\n");
for (int k = 0; k<certInfoData.t.size; k++)
{
printf("0x%.2x ", certInfoData.t.buffer[k]);
}
printf("\n\n");
if(saveDataToFile(outFilePath, certInfoData.t.buffer, certInfoData.t.size) == 0)
printf("OutFile %s completed!\n",outFilePath);
else
return -2;
return 0;
}
int activateCredential()
{
UINT32 rval;
TPM2B_DIGEST certInfoData = { { sizeof(certInfoData)-2, } };
printf("\nACTIVATE CREDENTIAL TESTS:\n");
cmdAuth.sessionHandle = TPM_RS_PW;
cmdAuth2.sessionHandle = TPM_RS_PW;
*((UINT8 *)((void *)&cmdAuth.sessionAttributes)) = 0;
*((UINT8 *)((void *)&cmdAuth2.sessionAttributes)) = 0;
*((UINT8 *)((void *)&cmdAuth3.sessionAttributes)) = 0;
TPMS_AUTH_COMMAND *cmdSessionArray[2] = { &cmdAuth, &cmdAuth3 };
TSS2_SYS_CMD_AUTHS cmdAuthArray = { 2, &cmdSessionArray[0] };
TPMS_AUTH_COMMAND *cmdSessionArray1[1] = { &cmdAuth2 };
TSS2_SYS_CMD_AUTHS cmdAuthArray1 = { 1, &cmdSessionArray1[0] };
SESSION *session;
TPM2B_ENCRYPTED_SECRET encryptedSalt = { { 0, } };
TPM2B_NONCE nonceCaller = { { 0, } };
TPMT_SYM_DEF symmetric;
symmetric.algorithm = TPM_ALG_NULL;
if (cmdAuth.hmac.t.size > 0 && hexPasswd)
{
cmdAuth.hmac.t.size = sizeof(cmdAuth.hmac) - 2;
if (hex2ByteStructure((char *)cmdAuth.hmac.t.buffer,
&cmdAuth.hmac.t.size,
cmdAuth.hmac.t.buffer) != 0)
{
printf( "Failed to convert Hex format password for handlePasswd.\n");
return -1;
}
}
if (cmdAuth2.hmac.t.size > 0 && hexPasswd)
{
cmdAuth2.hmac.t.size = sizeof(cmdAuth2.hmac) - 2;
if (hex2ByteStructure((char *)cmdAuth2.hmac.t.buffer,
&cmdAuth2.hmac.t.size,
cmdAuth2.hmac.t.buffer) != 0)
{
printf( "Failed to convert Hex format password for endorsePasswd.\n");
return -1;
}
}
rval = StartAuthSessionWithParams( &session, TPM_RH_NULL, 0, TPM_RH_NULL,
0, &nonceCaller, &encryptedSalt, TPM_SE_POLICY, &symmetric, TPM_ALG_SHA256 );
if( rval != TPM_RC_SUCCESS )
{
printf("\n......StartAuthSessionWithParams Error. TPM Error:0x%x......\n", rval);
return -1;
}
printf("\nStartAuthSessionWithParams succ.......\n");
rval = Tss2_Sys_PolicySecret(sysContext, TPM_RH_ENDORSEMENT, session->sessionHandle, &cmdAuthArray1, 0, 0, 0, 0, 0, 0, 0);
if( rval != TPM_RC_SUCCESS )
{
printf("\n......Tss2_Sys_PolicySecret Error. TPM Error:0x%x......\n", rval);
return -2;
}
printf("\nTss2_Sys_PolicySecret succ.......\n");
cmdAuth3.sessionHandle = session->sessionHandle;
cmdAuth3.sessionAttributes.continueSession = 1;
cmdAuth3.hmac.t.size = 0;
rval = Tss2_Sys_ActivateCredential(sysContext, activateHandle, keyHandle, &cmdAuthArray, &credentialBlob, &secret, &certInfoData, 0);
if(rval != TPM_RC_SUCCESS)
{
printf("\n......ActivateCredential failed. TPM Error:0x%x......\n", rval);
return -3;
}
printf("\nActivate Credential succ.\n");
// Need to flush the session here.
rval = Tss2_Sys_FlushContext( sysContext, session->sessionHandle );
if( rval != TPM_RC_SUCCESS )
{
printf("\n......TPM2_Sys_FlushContext Error. TPM Error:0x%x......\n", rval);
return -4;
}
// And remove the session from sessions table.
rval = EndAuthSession( session );
if( rval != TPM_RC_SUCCESS )
{
printf("\n......EndAuthSession Error. TPM Error:0x%x......\n", rval);
return -5;
}
printf("\nCertInfoData :\n");
for (int k = 0; k<certInfoData.t.size; k++)
{
printf("0x%.2x ", certInfoData.t.buffer[k]);
}
printf("\n\n");
if(saveDataToFile(outFilePath, certInfoData.t.buffer, certInfoData.t.size) == 0)
printf("OutFile %s completed!\n",outFilePath);
else
return -6;
return 0;
}
