diff --git a/Makefile-test.am b/Makefile-test.am index ecd759d80..229cbcd75 100644 --- a/Makefile-test.am +++ b/Makefile-test.am @@ -238,6 +238,7 @@ ESYS_TESTS_INTEGRATION_MANDATORY = \ test/integration/esys-clockset.int \ test/integration/esys-clockset-audit.int \ test/integration/esys-commit.int \ + test/integration/esys-cp-hash.int \ test/integration/esys-create-fail.int \ test/integration/esys-create-password-auth.int \ test/integration/esys-create-policy-auth.int \ @@ -1136,7 +1137,7 @@ if POLICY TESTS_UNIT += test/unit/tss2_policy test_unit_tss2_policy_CFLAGS = $(CMOCKA_CFLAGS) $(TESTS_CFLAGS) -test_unit_tss2_policy_LDADD = $(CMOCKA_LIBS) $(libtss2_policy) $(libtss2_esys) +test_unit_tss2_policy_LDADD = $(CMOCKA_LIBS) $(libtss2_policy) $(libtss2_esys) $(libtss2_sys) test_unit_tss2_policy_SOURCES = test/unit/tss2_policy.c src/util/log.c \ test/data/test-fapi-policies.h test/helper/cmocka_all.h endif # POLICY @@ -1593,6 +1594,13 @@ test_integration_esys_get_random_int_SOURCES = \ test/integration/esys-get-random.int.c \ test/integration/main-esys.c test/integration/test-esys.h +test_integration_esys_cp_hash_int_CFLAGS = $(TESTS_CFLAGS) +test_integration_esys_cp_hash_int_LDADD = $(TESTS_LDADD) +test_integration_esys_cp_hash_int_LDFLAGS = $(TESTS_LDFLAGS) +test_integration_esys_cp_hash_int_SOURCES = \ + test/integration/esys-cp-hash.int.c \ + test/integration/main-esys.c test/integration/test-esys.h + test_integration_esys_get_time_int_CFLAGS = $(TESTS_CFLAGS) $(TSS2_ESYS_CFLAGS_CRYPTO) test_integration_esys_get_time_int_LDADD = $(TESTS_LDADD) test_integration_esys_get_time_int_LDFLAGS = $(TESTS_LDFLAGS) $(TSS2_ESYS_LDFLAGS_CRYPTO) diff --git a/include/tss2/tss2_esys.h b/include/tss2/tss2_esys.h index eab4e4c25..1b13f2640 100644 --- a/include/tss2/tss2_esys.h +++ b/include/tss2/tss2_esys.h @@ -3808,6 +3808,24 @@ Esys_SetCryptoCallbacks( ESYS_CONTEXT *esysContext, ESYS_CRYPTO_CALLBACKS *callbacks); +TSS2_RC +Esys_GetCpHash( + ESYS_CONTEXT* esysContext, + TPMI_ALG_HASH hashAlg, + uint8_t **cpHash, + size_t *cpHash_size); + +TSS2_RC +Esys_GetRpHash( + ESYS_CONTEXT* esysContext, + TPMI_ALG_HASH hashAlg, + uint8_t **cpHash, + size_t *cpHash_size); + +TSS2_RC +Esys_Abort( + ESYS_CONTEXT* esysContext); + #ifdef __cplusplus } #endif diff --git a/lib/tss2-esys.def b/lib/tss2-esys.def index c6890d844..8c5be1bf1 100644 --- a/lib/tss2-esys.def +++ b/lib/tss2-esys.def @@ -1,5 +1,6 @@ LIBRARY tss2-esys EXPORTS + Esys_Abort Esys_AC_GetCapability Esys_AC_GetCapability_Async Esys_AC_GetCapability_Finish @@ -110,10 +111,12 @@ EXPORTS Esys_GetCommandAuditDigest Esys_GetCommandAuditDigest_Async Esys_GetCommandAuditDigest_Finish + Esys_GetCpHash Esys_GetPollHandles Esys_GetRandom Esys_GetRandom_Async Esys_GetRandom_Finish + Esys_GetRpHash Esys_GetSessionAuditDigest Esys_GetSessionAuditDigest_Async Esys_GetSessionAuditDigest_Finish diff --git a/lib/tss2-esys.map b/lib/tss2-esys.map index 2062cc324..e95739fde 100644 --- a/lib/tss2-esys.map +++ b/lib/tss2-esys.map @@ -1,5 +1,6 @@ { global: + Esys_Abort; Esys_AC_GetCapability; Esys_AC_GetCapability_Async; Esys_AC_GetCapability_Finish; @@ -109,9 +110,11 @@ Esys_GetCommandAuditDigest; Esys_GetCommandAuditDigest_Async; Esys_GetCommandAuditDigest_Finish; + Esys_GetCpHash; Esys_GetRandom; Esys_GetRandom_Async; Esys_GetRandom_Finish; + Esys_GetRpHash; Esys_GetSessionAuditDigest; Esys_GetSessionAuditDigest_Async; Esys_GetSessionAuditDigest_Finish; diff --git a/src/tss2-esys/esys_cp_rp_hash.c b/src/tss2-esys/esys_cp_rp_hash.c new file mode 100644 index 000000000..e0ffdc2cc --- /dev/null +++ b/src/tss2-esys/esys_cp_rp_hash.c @@ -0,0 +1,115 @@ +/* SPDX-License-Identifier: BSD-2-Clause */ +/******************************************************************************* + * Copyright 2025, Juergen Repp + * All rights reserved. + ******************************************************************************/ + +#ifdef HAVE_CONFIG_H +#include "config.h" // IWYU pragma: keep +#endif + +#include // for PRIx32, uint8_t, SIZE_MAX, int32_t +#include // for bool, false, true +#include // for NULL, malloc, size_t, calloc +#include // for memcmp + +#include "esys_int.h" // for RSRC_NODE_T, ESYS_CONTEXT, _ESYS_ASSERT... +#include "esys_mu.h" // for iesys_MU_IESYS_RESOURCE_Marshal, iesys_... +#include "esys_types.h" // for IESYS_RESOURCE, IESYS_RSRC_UNION, IESYS... +#include "tss2_common.h" // for TSS2_RC, TSS2_RC_SUCCESS, TSS2_ESYS_RC_... +#include "tss2_esys.h" // for ESYS_CONTEXT, ESYS_TR, ESYS_TR_NONE +#include "tss2_tpm2_types.h" // for TPM2B_NAME, TPM2_HANDLE, TPM2_HR_SHIFT + +#define LOGMODULE esys +#include "util/log.h" // for return_if_error, SAFE_FREE, goto_if_error + + +static TSS2_RC get_hash(HASH_TAB_ITEM hash_tab[3], + TPMI_ALG_HASH hashAlg, uint8_t **hash, size_t *hash_size) { + int i; + + for (i = 0; i < 3; i++) { + if (hash_tab[i].alg == hashAlg) { + *hash_size = hash_tab[i].size; + *hash = malloc(*hash_size); + return_if_null(*hash, "Buffer could not be allocated", + TSS2_ESYS_RC_MEMORY); + memcpy(*hash, &hash_tab[i].digest[0], *hash_size); + return TSS2_RC_SUCCESS; + } + } + return TSS2_ESYS_RC_BAD_SEQUENCE; +} + +/** Get the cpHash buffer computed by an ESYS async call. + * + * The buffer will be returned if the buffer is found for the passed hashAlg. + * @param esys_ctxt [in,out] The ESYS_CONTEXT. + * @param hashAlg [in] The hash alg used to compute the cp hash. + * @param cpHash [out] The buffer containing the cp hash. + * (caller-callocated) + * @param cpHash_size [out] The size of the cpHash buffer. + * @retval TSS2_RC_SUCCESS on Success. + * @retval TSS2_ESYS_RC_BAD_SEQUENCE: if no cpHash has been computed. + * @retval TSS2_ESYS_RC_BAD_VALUE if hashAlg is not found. + * @retval TSS2_ESYS_RC_BAD_REFERENCE if esys_ctx is NULL. + * @retval TSS2_ESYS_RC_MEMORY if the buffer for the cpHash can't + * be allocated. + */ +TSS2_RC Esys_GetCpHash(ESYS_CONTEXT* esys_ctx, + TPMI_ALG_HASH hashAlg, uint8_t **cpHash, size_t *cpHash_size) { + return_if_null(esys_ctx, "ESYS context is NULL", + TSS2_ESYS_RC_BAD_REFERENCE); + if (esys_ctx->cmd_hash != CP_HASH) { + return_error(TSS2_ESYS_RC_BAD_SEQUENCE, "No cp hash is available."); + } + return get_hash(&esys_ctx->hash_tab[0], hashAlg, cpHash, cpHash_size); +} + +/** Get the rpHash buffer computed by an ESYS finalize call. + * + * The buffer will be returned if the buffer is found for the passed hashAlg. + * @param esys_ctx [in,out] The ESYS_CONTEXT. + * @param hashAlg [in] The hash alg used to compute the rp hash. + * @param cpHash [out] The buffer containing the rp hash. + * (caller-callocated) + * @param cpHash_size [out] The size of the cpHash buffer. + * @retval TSS2_RC_SUCCESS on Success. + * @retval TSS2_ESYS_RC_BAD_SEQUENCE: if no cpHash has been computed. + * @retval TSS2_ESYS_RC_BAD_VALUE if hashAlg is not found. + * @retval TSS2_ESYS_RC_BAD_REFERENCE if esys_ctx is NULL. + * @retval TSS2_ESYS_RC_MEMORY if the buffer for the cpHash can't + * be allocated. + */ +TSS2_RC Esys_GetRpHash(ESYS_CONTEXT* esys_ctx, + TPMI_ALG_HASH hashAlg, uint8_t **cpHash, size_t *cpHash_size) { + return_if_null(esys_ctx, "ESYS context is NULL", + TSS2_ESYS_RC_BAD_REFERENCE); + if (esys_ctx->cmd_hash != RP_HASH) { + return_error(TSS2_ESYS_RC_BAD_SEQUENCE, "No cp hash is available."); + } + return get_hash(&esys_ctx->hash_tab[0], hashAlg, cpHash, cpHash_size); +} + +/** Reset the ESYS state. + * + * If only the cp hash will be computed and there will no finish call + * after the async call the ESYS sate has to be reset to allow further ESYS calls. + * @param esys_ctx [in,out] The ESYS_CONTEXT. + * @param cpHash_size [out] The size of the cpHash buffer. + * @retval TSS2_RC_SUCCESS on Success. + * @retval TSS2_ESYS_RC_BAD_REFERENCE if esys_ctx is NULL. + */ +TSS2_RC Esys_Abort(ESYS_CONTEXT* esys_ctx) { + TSS2_SYS_CONTEXT *sys_ctx; + TSS2_RC r; + + return_if_null(esys_ctx, "ESYS context is NULL", + TSS2_ESYS_RC_BAD_REFERENCE); + esys_ctx->state = ESYS_STATE_INIT; + + r = Esys_GetSysContext(esys_ctx, &sys_ctx); + return_if_error(r, "Could not get Sys context"); + + return Tss2_Sys_Abort(sys_ctx); +} diff --git a/src/tss2-esys/esys_int.h b/src/tss2-esys/esys_int.h index 469534822..a36b135bf 100644 --- a/src/tss2-esys/esys_int.h +++ b/src/tss2-esys/esys_int.h @@ -34,6 +34,13 @@ typedef struct RSRC_NODE_T { struct RSRC_NODE_T * next; /**< The next object in the linked list. */ } RSRC_NODE_T; +/** An entry in a cpHash or rpHash table. */ +typedef struct { + TPM2_ALG_ID alg; /**< The hash algorithm. */ + size_t size; /**< The digest size. */ + uint8_t digest[sizeof(TPMU_HA)]; /**< The digest. */ +} HASH_TAB_ITEM; + typedef struct { ESYS_TR tpmKey; ESYS_TR bind; @@ -159,6 +166,13 @@ enum ESYS_STATE { ESAPI code. */ }; +/** The last computed cp or rp hash */ +enum ESYS_CMD_HASH { + NONE = 0, /**< No hash was computed */ + CP_HASH, /**< The CP hash is computed. */ + RP_HASH /**< The RP hash is computed. */ +}; + /** The data structure holding internal state information. * * Each ESYS_CONTEXT respresents a logically independent connection to the TPM. @@ -204,6 +218,8 @@ struct ESYS_CONTEXT { ESYS_CRYPTO_CALLBACKS crypto_backend; /**< The backend function pointers to use for crypto operations */ + enum ESYS_CMD_HASH cmd_hash; /**< Switch what hash (cp, rp or none) is computed. */ + HASH_TAB_ITEM hash_tab[3]; /**< Buffer for cp/rp hash values */ }; /** The number of authomatic resubmissions. diff --git a/src/tss2-esys/esys_iutil.c b/src/tss2-esys/esys_iutil.c index afad6e113..8460bbfe0 100644 --- a/src/tss2-esys/esys_iutil.c +++ b/src/tss2-esys/esys_iutil.c @@ -251,6 +251,7 @@ iesys_compute_cp_hashtab(ESYS_CONTEXT * esys_context, } } } + esys_context->cmd_hash = CP_HASH; return r; } @@ -311,6 +312,7 @@ iesys_compute_rp_hashtab(ESYS_CONTEXT * esys_context, *rpHashNum += 1; } } + esys_context->cmd_hash = RP_HASH; return TPM2_RC_SUCCESS; } /** Create an esys resource object corresponding to a TPM object. @@ -1389,7 +1391,6 @@ iesys_gen_auths(ESYS_CONTEXT * esys_context, RSRC_NODE_T *objects[] = { h1, h2, h3 }; - HASH_TAB_ITEM cp_hash_tab[3]; uint8_t cpHashNum = 0; auths->count = 0; @@ -1412,14 +1413,13 @@ iesys_gen_auths(ESYS_CONTEXT * esys_context, decryptNonceIdx = 0; } - /* Compute cp hash values for command buffer for all used algorithms */ r = iesys_compute_cp_hashtab(esys_context, (h1 != NULL) ? &h1->rsrc.name : NULL, (h2 != NULL) ? &h2->rsrc.name : NULL, (h3 != NULL) ? &h3->rsrc.name : NULL, - &cp_hash_tab[0], &cpHashNum); + &esys_context->hash_tab[0], &cpHashNum); return_if_error(r, "Error while computing cp hashes"); for (int session_idx = 0; session_idx < 3; session_idx++) { @@ -1453,7 +1453,7 @@ iesys_gen_auths(ESYS_CONTEXT * esys_context, } } r = iesys_compute_hmac(esys_context, esys_context->session_tab[session_idx], - &cp_hash_tab[0], cpHashNum, + &esys_context->hash_tab[0], cpHashNum, (session_idx == 0 && decryptNonceIdx > 0) ? decryptNonce : NULL, (session_idx == 0 @@ -1494,7 +1494,6 @@ iesys_check_response(ESYS_CONTEXT * esys_context) const uint8_t *rpBuffer; size_t rpBuffer_size; TSS2L_SYS_AUTH_RESPONSE rspAuths; - HASH_TAB_ITEM rp_hash_tab[3]; uint8_t rpHashNum = 0; if (esys_context->authsCount == 0) { @@ -1523,10 +1522,10 @@ iesys_check_response(ESYS_CONTEXT * esys_context) r = iesys_compute_rp_hashtab(esys_context, rpBuffer, rpBuffer_size, - &rp_hash_tab[0], &rpHashNum); + &esys_context->hash_tab[0], &rpHashNum); return_if_error(r, "Error: while computing response hashes"); - r = iesys_check_rp_hmacs(esys_context, &rspAuths, &rp_hash_tab[0], + r = iesys_check_rp_hmacs(esys_context, &rspAuths, &esys_context->hash_tab[0], rpHashNum); return_if_error(r, "Error: response hmac check"); diff --git a/src/tss2-esys/esys_iutil.h b/src/tss2-esys/esys_iutil.h index 6167a44a9..2c0e42a9f 100644 --- a/src/tss2-esys/esys_iutil.h +++ b/src/tss2-esys/esys_iutil.h @@ -33,13 +33,6 @@ extern "C" { */ #define ESYS_TR_MIN_OBJECT (TPM2_RH_LAST + 1 + 0x1000) -/** An entry in a cpHash or rpHash table. */ -typedef struct { - TPM2_ALG_ID alg; /**< The hash algorithm. */ - size_t size; /**< The digest size. */ - uint8_t digest[sizeof(TPMU_HA)]; /**< The digest. */ -} HASH_TAB_ITEM; - TSS2_RC init_session_tab( ESYS_CONTEXT *esysContext, ESYS_TR shandle1, ESYS_TR shandle2, ESYS_TR shandle3); diff --git a/src/tss2-esys/tss2-esys.vcxproj b/src/tss2-esys/tss2-esys.vcxproj index 39bcf15f0..0f9e8cfc7 100644 --- a/src/tss2-esys/tss2-esys.vcxproj +++ b/src/tss2-esys/tss2-esys.vcxproj @@ -243,6 +243,7 @@ + @@ -264,4 +265,4 @@ - \ No newline at end of file + diff --git a/test/integration/esys-cp-hash.int.c b/test/integration/esys-cp-hash.int.c new file mode 100644 index 000000000..5422000d2 --- /dev/null +++ b/test/integration/esys-cp-hash.int.c @@ -0,0 +1,172 @@ +/* SPDX-License-Identifier: BSD-2-Clause */ +/******************************************************************************* + * Copyright 2025, Juergen Repp + * All rights reserved. + *******************************************************************************/ + +#ifdef HAVE_CONFIG_H +#include "config.h" // IWYU pragma: keep +#endif + +#include // for free, NULL, EXIT_FAILURE, EXIT_SUCCESS + +#include "tss2_common.h" // for BYTE, TSS2_RC +#include "tss2_esys.h" // for ESYS_TR_NONE, Esys_GetRandom, Esys_Star... +#include "tss2_tpm2_types.h" // for TPM2B_DIGEST, TPM2_RC_SUCCESS, TPMA_SES... + +#define LOGMODULE test +#include "util/log.h" // for LOG_ERROR, LOGBLOB_DEBUG, LOG_INFO + +#define base_rc(r) ((r) & ~TSS2_RC_LAYER_MASK) + +/** Test the ESYS function Esys_GetRandom. + * + * Tested ESYS commands: + * - Esys_GetRandom() (M) + * - Esys_StartAuthSession() (M) + * + * @param[in,out] esys_context The ESYS_CONTEXT. + * @retval EXIT_FAILURE + * @retval EXIT_SUCCESS + */ +int +test_esyscp_hash(ESYS_CONTEXT * esys_context) +{ + + TSS2_RC r; + int i; + + TPM2B_DIGEST *randomBytes; + + uint8_t get_rand_cp_hash[32] = + { 0xc0, 0x75, 0xb7, 0xe6, 0x37, 0xa7, 0x13, 0x1b, 0x0c, 0x52, + 0x3c, 0xf1, 0x96, 0x5e, 0xba, 0xe2, 0xaf, 0xb1, 0x16, 0x0b, + 0x6e, 0xf7, 0xc7, 0xe9, 0x2d, 0x0d, 0x24, 0xce, 0x0a, 0x5d, + 0x94, 0x11 }; + + ESYS_TR session = ESYS_TR_NONE; + const TPMT_SYM_DEF symmetric = { + .algorithm = TPM2_ALG_AES, + .keyBits = {.aes = 128}, + .mode = {.aes = TPM2_ALG_CFB} + }; + uint8_t *cp_hash; + size_t cp_hash_size; + uint8_t *rp_hash; + size_t rp_hash_size; + + r = Esys_StartAuthSession(esys_context, ESYS_TR_NONE, ESYS_TR_NONE, + ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE, + NULL, + TPM2_SE_HMAC, &symmetric, TPM2_ALG_SHA256, + &session); + if (r != TPM2_RC_SUCCESS) { + LOG_ERROR("Esys_StartAuthSession FAILED! Response Code : 0x%x", r); + goto error; + } + + r = Esys_TRSess_SetAttributes(esys_context, session, TPMA_SESSION_CONTINUESESSION | TPMA_SESSION_AUDIT, + TPMA_SESSION_CONTINUESESSION | TPMA_SESSION_AUDIT); + if (r != TPM2_RC_SUCCESS) { + LOG_ERROR("SetAttributes on session FAILED! Response Code : 0x%x", r); + goto error_cleansession; + } + + r = Esys_GetRandom_Async(esys_context, session, ESYS_TR_NONE, ESYS_TR_NONE, 48); + if (r != TPM2_RC_SUCCESS) { + LOG_ERROR("GetRandom with session FAILED! Response Code : 0x%x", r); + goto error_cleansession; + } + + r = Esys_GetCpHash(esys_context, TPM2_ALG_SHA256, &cp_hash, &cp_hash_size); + + if (r != TPM2_RC_SUCCESS) { + LOG_ERROR("GetCpHash FAILED! Response Code : 0x%x", r); + goto error_cleansession; + } + + LOGBLOB_DEBUG(cp_hash, cp_hash_size, "cp hash"); + + /* Check cp hash for get_random with 48 bytes. */ + for (i = 0; i < 32; i++) { + if (cp_hash[i] != get_rand_cp_hash[i]) { + LOG_ERROR("Wrong cp hash value."); + free(cp_hash); + goto error_cleansession; + } + } + free(cp_hash); + + r = Esys_GetRandom_Finish(esys_context, &randomBytes); + while (base_rc(r) == TSS2_BASE_RC_TRY_AGAIN) { + r = Esys_GetRandom_Finish(esys_context, &randomBytes); + } + if (r != TPM2_RC_SUCCESS) { + LOG_ERROR("GetRandom with session FAILED! Response Code : 0x%x", r); + goto error_cleansession; + } + + r = Esys_GetRpHash(esys_context, TPM2_ALG_SHA256, &rp_hash, &rp_hash_size); + + if (r != TPM2_RC_SUCCESS) { + LOG_ERROR("GetRpHash FAILED! Response Code : 0x%x", r); + goto error_cleansession; + } + free(rp_hash); + + LOGBLOB_DEBUG(&randomBytes->buffer[0], randomBytes->size, + "Randoms (count=%i):", randomBytes->size); + free(randomBytes); + + r = Esys_GetRandom_Async(esys_context, session, ESYS_TR_NONE, ESYS_TR_NONE, 48); + if (r != TPM2_RC_SUCCESS) { + LOG_ERROR("GetRandom with session FAILED! Response Code : 0x%x", r); + goto error_cleansession; + } + + r = Esys_GetCpHash(esys_context, TPM2_ALG_SHA256, &cp_hash, &cp_hash_size); + + if (r != TPM2_RC_SUCCESS) { + LOG_ERROR("GetCpHash FAILED! Response Code : 0x%x", r); + goto error_cleansession; + } + + free(cp_hash); + + /* Check whether call of Esys_GetRandom works after abort. */ + + r = Esys_Abort(esys_context); + + if (r != TPM2_RC_SUCCESS) { + LOG_ERROR("Abort FAILED! Response Code : 0x%x", r); + goto error_cleansession; + } + r = Esys_GetRandom(esys_context, session, ESYS_TR_NONE, ESYS_TR_NONE, 48, + &randomBytes); + if (r != TPM2_RC_SUCCESS) { + LOG_ERROR("GetRandom with session FAILED! Response Code : 0x%x", r); + goto error_cleansession; + } + + free(randomBytes); + + r = Esys_FlushContext(esys_context, session); + if (r != TPM2_RC_SUCCESS) { + LOG_ERROR("FlushContext FAILED! Response Code : 0x%x", r); + } + + return EXIT_SUCCESS; + + error_cleansession: + r = Esys_FlushContext(esys_context, session); + if (r != TPM2_RC_SUCCESS) { + LOG_ERROR("FlushContext FAILED! Response Code : 0x%x", r); + } + error: + return EXIT_FAILURE; +} + +int +test_invoke_esys(ESYS_CONTEXT * esys_context) { + return test_esyscp_hash(esys_context); +} diff --git a/test/integration/test-common.c b/test/integration/test-common.c index bc459569a..f780c7aac 100644 --- a/test/integration/test-common.c +++ b/test/integration/test-common.c @@ -429,6 +429,8 @@ test_esys_setup(TSS2_TEST_ESYS_CONTEXT **test_ctx) size_t size; char *name_conf; + LOG_ERROR("XXX 111111"); + size = sizeof(TSS2_TEST_ESYS_CONTEXT); *test_ctx = malloc(size); if (test_ctx == NULL) { diff --git a/tss2-dlopen/tss2-dlopen-esys.c b/tss2-dlopen/tss2-dlopen-esys.c index 3c261ed42..67a9c1d1c 100644 --- a/tss2-dlopen/tss2-dlopen-esys.c +++ b/tss2-dlopen/tss2-dlopen-esys.c @@ -2303,3 +2303,12 @@ MAKE_ESYS_1(Esys_GetSysContext, TSS2_SYS_CONTEXT **, sys_context); MAKE_ESYS_1(Esys_SetCryptoCallbacks, ESYS_CRYPTO_CALLBACKS *, callbacks); +MAKE_ESYS_3(Esys_GetCpHash, + TPMI_ALG_HASH, hashAlg, + uint8_t **, cpHash, + size_t, *cpHash_size); +MAKE_ESYS_3(Esys_GetRpHash, + TPMI_ALG_HASH, hashAlg, + uint8_t **, cpHash, + size_t, *cpHash_size); +MAKE_ESYS_0(Esys_Abort);