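/*
 * Run TPM2_ActivateCredential against activateHandle/keyHandle using two
 * password (TPM_RS_PW) authorizations, print the released credential and
 * write it to outFilePath.
 *
 * Security notes for reviewers:
 *  - TPM_RS_PW authorizations carry the auth value itself in the command's
 *    authorization area, so both passwords cross the TPM interface in clear.
 *  - certInfoData is the secret released by the TPM; it is echoed to stdout
 *    and written to a file, so it ends up in terminal scrollback, captured
 *    logs and on disk. Restrict access to both.
 *
 * Returns 0 on success, -1 if the TPM command fails, -2 if the output file
 * could not be written.
 */
int activateCredential()
{
    UINT32 rval;
    /*
     * Preset the size to the buffer capacity instead of passing an
     * uninitialized structure to the SAPI call.
     * NOTE(review): older SAPI builds appear to read the size of an output
     * TPM2B as the available capacity - confirm against the TSS in use.
     */
    TPM2B_DIGEST certInfoData = { { sizeof(certInfoData) - 2, } };

    printf("\nACTIVATE CREDENTIAL TESTS:\n");

    /* Both authorizations are plain password sessions with no attributes set. */
    cmdAuth.sessionHandle = TPM_RS_PW;
    cmdAuth2.sessionHandle = TPM_RS_PW;
    *((UINT8 *)((void *)&cmdAuth.sessionAttributes)) = 0;
    *((UINT8 *)((void *)&cmdAuth2.sessionAttributes)) = 0;

    TPMS_AUTH_COMMAND *cmdSessionArray[2] = { &cmdAuth, &cmdAuth2 };
    TSS2_SYS_CMD_AUTHS cmdAuthArray = { 2, &cmdSessionArray[0] };

    rval = Tss2_Sys_ActivateCredential(sysContext, activateHandle, keyHandle,
                                       &cmdAuthArray, &credentialBlob, &secret,
                                       &certInfoData, 0);
    if (rval != TPM_RC_SUCCESS) {
        printf("\n......ActivateCredential failed. TPM Error:0x%x......\n", rval);
        return -1;
    }
    printf("\nActivate Credential succ.\n");

    /* Dumps the released credential in hex; treat this output as sensitive. */
    printf("\nCertInfoData :\n");
    for (int k = 0; k < certInfoData.t.size; k++) {
        printf("0x%.2x ", certInfoData.t.buffer[k]);
    }
    printf("\n\n");

    if (saveDataToFile(outFilePath, certInfoData.t.buffer, certInfoData.t.size) != 0) {
        return -2;
    }
    printf("OutFile %s completed!\n", outFilePath);

    return 0;
}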
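/*
 * Run TPM2_ActivateCredential with a policy session authorizing keyHandle.
 *
 * Flow, as visible in this function:
 *   1. Optionally convert the two hex-encoded passwords to raw bytes.
 *   2. Start a policy session (SHA-256).
 *   3. Satisfy it with Tss2_Sys_PolicySecret on TPM_RH_ENDORSEMENT, using
 *      cmdAuth2 as a password authorization.
 *   4. Call Tss2_Sys_ActivateCredential with cmdAuth (password) and cmdAuth3
 *      (the policy session).
 *   5. Flush the session, drop it from the session table, then print and
 *      save the released credential.
 *
 * Security notes for reviewers:
 *  - The session is started with TPM_RH_NULL for both tpmKey and bind, an
 *    empty salt and TPM_ALG_NULL as the symmetric algorithm, so no parameter
 *    encryption is in effect and certInfoData crosses the TPM interface in
 *    clear.
 *  - TPM_RS_PW authorizations carry the auth value itself in the command.
 *  - certInfoData is the secret released by the TPM; it is echoed to stdout
 *    and written to outFilePath. Restrict access to both.
 *
 * Returns 0 on success; -1 password conversion or session start failed,
 * -2 PolicySecret failed, -3 ActivateCredential failed, -4 FlushContext
 * failed, -5 EndAuthSession failed, -6 output file could not be written.
 */
int activateCredential()
{
    UINT32 rval;
    int rc = 0;
    /* Size preset to the buffer capacity before it is handed to the SAPI. */
    TPM2B_DIGEST certInfoData = { { sizeof(certInfoData) - 2, } };

    SESSION *session;
    TPM2B_ENCRYPTED_SECRET encryptedSalt = { { 0, } };
    TPM2B_NONCE nonceCaller = { { 0, } };
    TPMT_SYM_DEF symmetric;

    /* ActivateCredential: cmdAuth (password) + cmdAuth3 (policy session). */
    TPMS_AUTH_COMMAND *cmdSessionArray[2] = { &cmdAuth, &cmdAuth3 };
    TSS2_SYS_CMD_AUTHS cmdAuthArray = { 2, &cmdSessionArray[0] };

    /* PolicySecret: cmdAuth2 (password) only. */
    TPMS_AUTH_COMMAND *cmdSessionArray1[1] = { &cmdAuth2 };
    TSS2_SYS_CMD_AUTHS cmdAuthArray1 = { 1, &cmdSessionArray1[0] };

    printf("\nACTIVATE CREDENTIAL TESTS:\n");

    cmdAuth.sessionHandle = TPM_RS_PW;
    cmdAuth2.sessionHandle = TPM_RS_PW;
    *((UINT8 *)((void *)&cmdAuth.sessionAttributes)) = 0;
    *((UINT8 *)((void *)&cmdAuth2.sessionAttributes)) = 0;
    *((UINT8 *)((void *)&cmdAuth3.sessionAttributes)) = 0;

    symmetric.algorithm = TPM_ALG_NULL;

    /*
     * Hex passwords are converted in place: the same buffer is passed as the
     * source string and as the destination.
     * NOTE(review): this assumes hex2ByteStructure tolerates overlapping
     * source/destination and that the buffer holds a NUL-terminated hex
     * string - confirm against the helper.
     */
    if (cmdAuth.hmac.t.size > 0 && hexPasswd) {
        cmdAuth.hmac.t.size = sizeof(cmdAuth.hmac) - 2;
        if (hex2ByteStructure((char *)cmdAuth.hmac.t.buffer,
                              &cmdAuth.hmac.t.size,
                              cmdAuth.hmac.t.buffer) != 0) {
            printf( "Failed to convert Hex format password for handlePasswd.\n");
            return -1;
        }
    }

    if (cmdAuth2.hmac.t.size > 0 && hexPasswd) {
        cmdAuth2.hmac.t.size = sizeof(cmdAuth2.hmac) - 2;
        if (hex2ByteStructure((char *)cmdAuth2.hmac.t.buffer,
                              &cmdAuth2.hmac.t.size,
                              cmdAuth2.hmac.t.buffer) != 0) {
            printf( "Failed to convert Hex format password for endorsePasswd.\n");
            return -1;
        }
    }

    rval = StartAuthSessionWithParams(&session, TPM_RH_NULL, 0, TPM_RH_NULL, 0,
                                      &nonceCaller, &encryptedSalt,
                                      TPM_SE_POLICY, &symmetric, TPM_ALG_SHA256);
    if (rval != TPM_RC_SUCCESS) {
        printf("\n......StartAuthSessionWithParams Error. TPM Error:0x%x......\n", rval);
        return -1;
    }
    printf("\nStartAuthSessionWithParams succ.......\n");

    /* From here on a session exists and every failure path must release it. */
    rval = Tss2_Sys_PolicySecret(sysContext, TPM_RH_ENDORSEMENT,
                                 session->sessionHandle, &cmdAuthArray1,
                                 0, 0, 0, 0, 0, 0, 0);
    if (rval != TPM_RC_SUCCESS) {
        printf("\n......Tss2_Sys_PolicySecret Error. TPM Error:0x%x......\n", rval);
        rc = -2;
        goto release_session;
    }
    printf("\nTss2_Sys_PolicySecret succ.......\n");

    cmdAuth3.sessionHandle = session->sessionHandle;
    /* Keep the session alive after the command so it can be flushed explicitly. */
    cmdAuth3.sessionAttributes.continueSession = 1;
    cmdAuth3.hmac.t.size = 0;

    rval = Tss2_Sys_ActivateCredential(sysContext, activateHandle, keyHandle,
                                       &cmdAuthArray, &credentialBlob, &secret,
                                       &certInfoData, 0);
    if (rval != TPM_RC_SUCCESS) {
        printf("\n......ActivateCredential failed. TPM Error:0x%x......\n", rval);
        rc = -3;
        goto release_session;
    }
    printf("\nActivate Credential succ.\n");

    // Need to flush the session here.
    rval = Tss2_Sys_FlushContext(sysContext, session->sessionHandle);
    if (rval != TPM_RC_SUCCESS) {
        printf("\n......TPM2_Sys_FlushContext Error. TPM Error:0x%x......\n", rval);
        return -4;
    }

    // And remove the session from sessions table.
    rval = EndAuthSession(session);
    if (rval != TPM_RC_SUCCESS) {
        printf("\n......EndAuthSession Error. TPM Error:0x%x......\n", rval);
        return -5;
    }

    /* Dumps the released credential in hex; treat this output as sensitive. */
    printf("\nCertInfoData :\n");
    for (int k = 0; k < certInfoData.t.size; k++) {
        printf("0x%.2x ", certInfoData.t.buffer[k]);
    }
    printf("\n\n");

    if (saveDataToFile(outFilePath, certInfoData.t.buffer, certInfoData.t.size) != 0) {
        return -6;
    }
    printf("OutFile %s completed!\n", outFilePath);

    return 0;

release_session:
    /*
     * Best-effort cleanup after a failed command: without it the policy
     * session stays loaded and occupies one of the TPM's few session slots.
     * The original error code in rc is what the caller sees; cleanup
     * failures are only reported. As on the success path, the table entry
     * is dropped only once the flush has succeeded.
     */
    rval = Tss2_Sys_FlushContext(sysContext, session->sessionHandle);
    if (rval != TPM_RC_SUCCESS) {
        printf("\n......Session cleanup: Tss2_Sys_FlushContext Error. TPM Error:0x%x......\n", rval);
        return rc;
    }
    rval = EndAuthSession(session);
    if (rval != TPM_RC_SUCCESS) {
        printf("\n......Session cleanup: EndAuthSession Error. TPM Error:0x%x......\n", rval);
    }
    return rc;
}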