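/*
 * Load an external object into the TPM and print the resulting handle.
 *
 * hierarchyValue: hierarchy forwarded unchanged to Tss2_Sys_LoadExternal.
 * inPublic:       public area of the object to load.
 * inPrivate:      sensitive area; only sent to the TPM when r_flag is non-zero.
 * r_flag:         0 loads the public part only, non-zero loads both parts.
 *
 * Returns 0 on success and -1 when the TPM rejects the command. On success
 * the handle is left in handle2048rsa (defined outside this function); it is
 * not flushed here, so the caller owns that transient object.
 *
 * NOTE(review): the TPM 2.0 specification for TPM2_LoadExternal requires the
 * hierarchy to be TPM_RH_NULL whenever a sensitive area is supplied. This
 * function does not enforce that, so callers using r_flag != 0 must pass
 * TPM_RH_NULL themselves.
 */
int loadExternal(TPMI_RH_HIERARCHY hierarchyValue, TPM2B_PUBLIC *inPublic, TPM2B_SENSITIVE *inPrivate, int r_flag)
{
    UINT32 rval;
    TPMS_AUTH_RESPONSE sessionDataOut;
    TSS2_SYS_RSP_AUTHS sessionsDataOut;
    TPMS_AUTH_RESPONSE *sessionDataOutArray[1];

    /* Output name buffer: size is preset to the capacity of the buffer. */
    TPM2B_NAME nameExt = { { sizeof(TPM2B_NAME)-2, } };

    /*
     * The response-auth array must point at real storage. Without this
     * assignment rspAuths[0] is an indeterminate pointer that the library
     * may write through when it unpacks the response.
     */
    sessionDataOutArray[0] = &sessionDataOut;
    sessionsDataOut.rspAuths = &sessionDataOutArray[0];
    sessionsDataOut.rspAuthsCount = 1;

    if(r_flag == 0)
    {
        /* Public part only: no sensitive area is handed to the TPM. */
        rval = Tss2_Sys_LoadExternal(sysContext, 0, NULL, inPublic, hierarchyValue, &handle2048rsa, &nameExt, &sessionsDataOut);
    }
    else
    {
        /* Public and sensitive parts together. */
        rval = Tss2_Sys_LoadExternal(sysContext, 0, inPrivate , inPublic, hierarchyValue, &handle2048rsa, &nameExt, &sessionsDataOut);
    }

    if(rval != TPM_RC_SUCCESS)
    {
        printf("\nLoadExternal Failed ! ErrorCode: 0x%0x\n\n", rval);
        return -1;
    }
    printf("\nLoadExternal succ.\nLoadedHandle: 0x%08x\n\n", handle2048rsa);

    return 0;
}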
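/*
 * Produce a credential blob and encrypted secret with TPM2_MakeCredential
 * and write both to outFilePath.
 *
 * Steps, all using state defined outside this function (sysContext,
 * inPublic, inCredential, objectName, handle2048rsa, outFilePath):
 *   1. load the public area in inPublic under TPM_RH_NULL (no sensitive part),
 *   2. call Tss2_Sys_MakeCredential against the loaded handle,
 *   3. flush the loaded key,
 *   4. write credentialBlob and secret through writeCrtSecToFile.
 *
 * Returns 0 on success, -1 if LoadExternal fails, -2 if MakeCredential
 * fails, -3 if the flush fails, -4 if writing the output file fails.
 *
 * NOTE(review): nothing here checks where inPublic came from. The secret is
 * protected to whoever holds the matching private key, so the caller is
 * expected to have validated that public key before calling — confirm.
 */
int makeCredential()
{
    UINT32 rval;
    TPMS_AUTH_RESPONSE sessionDataOut;
    TSS2_SYS_RSP_AUTHS sessionsDataOut;
    TPMS_AUTH_RESPONSE *sessionDataOutArray[1];

    /* Output name buffer: size is preset to the capacity of the buffer. */
    TPM2B_NAME              nameExt     = { { sizeof(TPM2B_NAME)-2, } };

    TPM2B_ID_OBJECT         credentialBlob = { { 0 }, };
    /* NOTE(review): unlike credentialBlob this output is left uninitialized;
     * confirm the library never reads its size field before writing it. */
    TPM2B_ENCRYPTED_SECRET  secret;

    sessionDataOutArray[0] = &sessionDataOut;
    sessionsDataOut.rspAuths = &sessionDataOutArray[0];
    sessionsDataOut.rspAuthsCount = 1;

    rval = Tss2_Sys_LoadExternal(sysContext, 0, NULL , &inPublic,TPM_RH_NULL,&handle2048rsa, &nameExt, &sessionsDataOut);
    if(rval != TPM_RC_SUCCESS)
    {
        printf("\n......LoadExternal failed. TPM Error:0x%x......\n", rval);
        return -1;
    }
    printf("LoadExternal succ.\n");

    rval = Tss2_Sys_MakeCredential(sysContext, handle2048rsa, 0, &inCredential, &objectName,&credentialBlob, &secret, &sessionsDataOut);
    if(rval != TPM_RC_SUCCESS)
    {
        printf("\n......MakeCredential failed. TPM Error:0x%x......\n", rval);
        /*
         * The key loaded above still occupies a transient object slot.
         * Release it best-effort so a failed run does not leak the handle;
         * the MakeCredential error remains the one reported to the caller.
         */
        (void)Tss2_Sys_FlushContext(sysContext, handle2048rsa);
        return -2;
    }
    printf("MakeCredential succ.\n");

    rval = Tss2_Sys_FlushContext(sysContext, handle2048rsa);
    if( rval != TPM_RC_SUCCESS )
    {
        printf("\n......Flush loaded key failed. TPM Error:0x%x......\n", rval);
        return -3;
    }
    printf("Flush loaded key succ.\n");

    /* Non-zero from writeCrtSecToFile is treated as failure. */
    if(writeCrtSecToFile(outFilePath,&credentialBlob,&secret))
    {
        return -4;
    }
    printf("OutFile: %s completed!\n\n",outFilePath);

    return 0;
}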
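/*
 * Load a caller-supplied symmetric key into the TPM as an external
 * TPM_ALG_SYMCIPHER object under TPM_RH_NULL.
 *
 * symmetric: algorithm, key size and mode copied into the public area.
 * key:       raw key bytes, copied into the sensitive area.
 * keyHandle: receives the handle of the loaded object.
 * keyName:   receives the object name; its size is preset to the buffer
 *            capacity before the call.
 *
 * Returns TSS2_APP_RC_INIT_SYS_CONTEXT_FAILED if no system context could be
 * created, otherwise the return code of Tss2_Sys_LoadExternal.
 *
 * The object is created with an empty authValue, an empty authPolicy and
 * userWithAuth set, and the handle is not flushed here; the caller owns it.
 */
UINT32 LoadSessionEncryptDecryptKey( TPMT_SYM_DEF *symmetric, TPM2B_MAX_BUFFER *key, TPM_HANDLE *keyHandle, TPM2B_NAME *keyName )
{
    TPM2B keyAuth;
    TPM2B_SENSITIVE inPrivate;
    TPM2B_PUBLIC inPublic;
    UINT32 rval;
    UINT32 i;
    volatile unsigned char *wipe;
    TSS2_SYS_CONTEXT *sysContext;

    /* Empty authorization value for the loaded key. */
    keyAuth.size = 0;

    /* Sensitive area: auth value, no seed, then the key bytes themselves. */
    inPrivate.t.sensitiveArea.sensitiveType = TPM_ALG_SYMCIPHER;
    inPrivate.t.size = CopySizedByteBuffer( &(inPrivate.t.sensitiveArea.authValue.b), &keyAuth);
    inPrivate.t.sensitiveArea.seedValue.b.size = 0;
    inPrivate.t.size += CopySizedByteBuffer( &inPrivate.t.sensitiveArea.sensitive.bits.b, &key->b );
    /* presumably covers the two UINT16 fields not counted above — TODO confirm */
    inPrivate.t.size += 2 * sizeof( UINT16 );

    /* Public area: symmetric cipher object, no name digest requested. */
    inPublic.t.publicArea.type = TPM_ALG_SYMCIPHER;
    inPublic.t.publicArea.nameAlg = TPM_ALG_NULL;
    /* Clears all attribute bits in one store; assumes the attribute field
     * is exactly 32 bits wide — TODO confirm against the TSS headers. */
    *( UINT32 *)&( inPublic.t.publicArea.objectAttributes )= 0;
    inPublic.t.publicArea.objectAttributes.decrypt = 1;
    inPublic.t.publicArea.objectAttributes.sign = 1;
    inPublic.t.publicArea.objectAttributes.userWithAuth = 1;
    inPublic.t.publicArea.authPolicy.t.size = 0;
    inPublic.t.publicArea.parameters.symDetail.sym.algorithm = symmetric->algorithm;
    inPublic.t.publicArea.parameters.symDetail.sym.keyBits = symmetric->keyBits;
    inPublic.t.publicArea.parameters.symDetail.sym.mode = symmetric->mode;
    inPublic.t.publicArea.unique.sym.t.size = 0;

    sysContext = InitSysContext( 1000, resMgrTctiContext, &abiVersion );
    if( sysContext == 0 )
    {
        rval = TSS2_APP_RC_INIT_SYS_CONTEXT_FAILED;
    }
    else
    {
        keyName->t.size = sizeof( *keyName ) - 2;
        rval = Tss2_Sys_LoadExternal( sysContext, 0, &inPrivate, &inPublic, TPM_RH_NULL, keyHandle, keyName, 0 );

        TeardownSysContext( &sysContext );
    }

    /*
     * inPrivate holds a plaintext copy of the key on the stack. Overwrite it
     * on every exit path; the volatile pointer keeps the compiler from
     * discarding the stores. The caller's own buffer is not touched.
     */
    wipe = (volatile unsigned char *)&inPrivate;
    for( i = 0; i < sizeof( inPrivate ); i++ )
    {
        wipe[i] = 0;
    }

    return rval;
}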
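/*
 * Load a caller-supplied HMAC key into the TPM as an external
 * TPM_ALG_KEYEDHASH object under TPM_RH_NULL.
 *
 * hashAlg:   hash algorithm used by the HMAC scheme.
 * key:       raw key bytes, copied into the sensitive area.
 * keyHandle: receives the handle of the loaded object.
 * keyName:   receives the object name; when non-NULL its size is preset to
 *            the buffer capacity before the call.
 *
 * Returns TSS2_APP_ERROR_LEVEL + TPM_RC_FAILURE if no system context could
 * be created, otherwise the return code of Tss2_Sys_LoadExternal.
 *
 * The object is created with an empty authValue, an empty authPolicy and
 * userWithAuth set, and the handle is not flushed here; the caller owns it.
 */
UINT32 LoadExternalHMACKey( TPMI_ALG_HASH hashAlg, TPM2B *key, TPM_HANDLE *keyHandle, TPM2B_NAME *keyName )
{
    TPM2B keyAuth;
    TPM2B_SENSITIVE inPrivate;
    TPM2B_PUBLIC inPublic;
    UINT32 rval;
    UINT32 i;
    volatile unsigned char *wipe;
    TSS2_SYS_CONTEXT *sysContext;

    /* Empty authorization value for the loaded key. */
    keyAuth.size = 0;

    /* Sensitive area: auth value, no seed, then the key bytes themselves. */
    inPrivate.t.sensitiveArea.sensitiveType = TPM_ALG_KEYEDHASH;
    inPrivate.t.size = CopySizedByteBuffer( &(inPrivate.t.sensitiveArea.authValue.b), &keyAuth);
    inPrivate.t.sensitiveArea.seedValue.b.size = 0;
    inPrivate.t.size += CopySizedByteBuffer( &inPrivate.t.sensitiveArea.sensitive.bits.b, key);
    /* presumably covers the two UINT16 fields not counted above — TODO confirm */
    inPrivate.t.size += 2 * sizeof( UINT16 );

    /* Public area: keyed-hash object with an HMAC scheme, no name digest requested. */
    inPublic.t.publicArea.type = TPM_ALG_KEYEDHASH;
    inPublic.t.publicArea.nameAlg = TPM_ALG_NULL;
    /* Clears all attribute bits in one store; assumes the attribute field
     * is exactly 32 bits wide — TODO confirm against the TSS headers. */
    *( UINT32 *)&( inPublic.t.publicArea.objectAttributes )= 0;
    inPublic.t.publicArea.objectAttributes.sign = 1;
    inPublic.t.publicArea.objectAttributes.userWithAuth = 1;
    inPublic.t.publicArea.authPolicy.t.size = 0;
    inPublic.t.publicArea.parameters.keyedHashDetail.scheme.scheme = TPM_ALG_HMAC;
    inPublic.t.publicArea.parameters.keyedHashDetail.scheme.details.hmac.hashAlg = hashAlg;
    inPublic.t.publicArea.unique.keyedHash.t.size = 0;

    sysContext = InitSysContext( 1000, resMgrTctiContext, &abiVersion );
    if( sysContext == 0 )
    {
        /* NOTE(review): teardown is called on a null context here; verify
         * that TeardownSysContext tolerates that. */
        TeardownSysContext( &sysContext );
        rval = TSS2_APP_ERROR_LEVEL + TPM_RC_FAILURE;
    }
    else
    {
        /*
         * Preset the output name size to the buffer capacity, as
         * LoadSessionEncryptDecryptKey does, instead of relying on whatever
         * value the caller left in the field.
         */
        if( keyName != 0 )
        {
            keyName->t.size = sizeof( *keyName ) - 2;
        }
        rval = Tss2_Sys_LoadExternal( sysContext, 0, &inPrivate, &inPublic, TPM_RH_NULL, keyHandle, keyName, 0 );

        TeardownSysContext( &sysContext );
    }

    /*
     * inPrivate holds a plaintext copy of the key on the stack. Overwrite it
     * on every exit path; the volatile pointer keeps the compiler from
     * discarding the stores. The caller's own buffer is not touched.
     */
    wipe = (volatile unsigned char *)&inPrivate;
    for( i = 0; i < sizeof( inPrivate ); i++ )
    {
        wipe[i] = 0;
    }

    return rval;
}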