Provided by: libtss2-doc_3.2.1-3ubuntu1_all bug

NAME

       Esys_PolicySecret - The ESAPI function for the TPM2_PolicySecret command.

SYNOPSIS

   Functions
       TSS2_RC Esys_PolicySecret_Async (ESYS_CONTEXT *esysContext, ESYS_TR authHandle, ESYS_TR
           policySession, ESYS_TR shandle1, ESYS_TR shandle2, ESYS_TR shandle3, const TPM2B_NONCE
           *nonceTPM, const TPM2B_DIGEST *cpHashA, const TPM2B_NONCE *policyRef, INT32
           expiration)
       TSS2_RC Esys_PolicySecret (ESYS_CONTEXT *esysContext, ESYS_TR authHandle, ESYS_TR
           policySession, ESYS_TR shandle1, ESYS_TR shandle2, ESYS_TR shandle3, const TPM2B_NONCE
           *nonceTPM, const TPM2B_DIGEST *cpHashA, const TPM2B_NONCE *policyRef, INT32
           expiration, TPM2B_TIMEOUT **timeout, TPMT_TK_AUTH **policyTicket)
       TSS2_RC Esys_PolicySecret_Finish (ESYS_CONTEXT *esysContext, TPM2B_TIMEOUT **timeout,
           TPMT_TK_AUTH **policyTicket)

Detailed Description

       ESAPI function to invoke the TPM2_PolicySecret command either as a one-call or in an
       asynchronous manner.

Function Documentation

   TSS2_RC Esys_PolicySecret (ESYS_CONTEXT * esysContext, ESYS_TR authHandle, ESYS_TR
       policySession, ESYS_TR shandle1, ESYS_TR shandle2, ESYS_TR shandle3, const TPM2B_NONCE *
       nonceTPM, const TPM2B_DIGEST * cpHashA, const TPM2B_NONCE * policyRef, INT32 expiration,
       TPM2B_TIMEOUT ** timeout, TPMT_TK_AUTH ** policyTicket)
       One-Call function for TPM2_PolicySecret

       This function invokes the TPM2_PolicySecret command in a one-call variant. This means the
       function will block until the TPM response is available. All input parameters are const.
       The memory for non-simple output parameters is allocated by the function implementation.

       Parameters
           esysContext The ESYS_CONTEXT.
           authHandle Handle for an entity providing the authorization.
           policySession Handle for the policy session being extended.
           shandle1 Session handle for authorization of authHandle
           shandle2 Second session handle.
           shandle3 Third session handle.
           nonceTPM The policy nonce for the session.
           cpHashA Digest of the command parameters to which this authorization is limited.
           policyRef A reference to a policy relating to the authorization

           • may be the Empty Buffer.

           expiration Time when authorization will expire, measured in seconds from the time that
           nonceTPM was generated.
           timeout Implementation-specific time value used to indicate to the TPM when the ticket
           expires; this ticket will use the TPMT_ST_AUTH_SECRET structure tag. (callee-
           allocated)
           policyTicket Produced if the command succeeds and expiration in the command was non-
           zero ( See 23.2.5). (callee-allocated)

       Return values
           TSS2_RC_SUCCESS if the function call was a success.
           TSS2_ESYS_RC_BAD_REFERENCE if the esysContext or required input pointers or required
           output handle references are NULL.
           TSS2_ESYS_RC_BAD_CONTEXT if esysContext corruption is detected.
           TSS2_ESYS_RC_MEMORY if the ESAPI cannot allocate enough memory for internal operations
           or return parameters.
           TSS2_ESYS_RC_BAD_SEQUENCE if the context has an asynchronous operation already
           pending.
           TSS2_ESYS_RC_INSUFFICIENT_RESPONSE if the TPM's response does not at least contain the
           tag, response length, and response code.
           TSS2_ESYS_RC_MALFORMED_RESPONSE if the TPM's response is corrupted.
           TSS2_ESYS_RC_RSP_AUTH_FAILED if the response HMAC from the TPM did not verify.
           TSS2_ESYS_RC_MULTIPLE_DECRYPT_SESSIONS if more than one session has the 'decrypt'
           attribute bit set.
           TSS2_ESYS_RC_MULTIPLE_ENCRYPT_SESSIONS if more than one session has the 'encrypt'
           attribute bit set.
           TSS2_ESYS_RC_BAD_TR if any of the ESYS_TR objects are unknown to the ESYS_CONTEXT or
           are of the wrong type or if required ESYS_TR objects are ESYS_TR_NONE.
           TSS2_RCs produced by lower layers of the software stack may be returned to the caller
           unaltered unless handled internally.

   TSS2_RC Esys_PolicySecret_Async (ESYS_CONTEXT * esysContext, ESYS_TR authHandle, ESYS_TR
       policySession, ESYS_TR shandle1, ESYS_TR shandle2, ESYS_TR shandle3, const TPM2B_NONCE *
       nonceTPM, const TPM2B_DIGEST * cpHashA, const TPM2B_NONCE * policyRef, INT32 expiration)
       Asynchronous function for TPM2_PolicySecret

       This function invokes the TPM2_PolicySecret command in a asynchronous variant. This means
       the function will return as soon as the command has been sent downwards the stack to the
       TPM. All input parameters are const. In order to retrieve the TPM's response call
       Esys_PolicySecret_Finish.

       Parameters
           esysContext The ESYS_CONTEXT.
           authHandle Handle for an entity providing the authorization.
           policySession Handle for the policy session being extended.
           shandle1 Session handle for authorization of authHandle
           shandle2 Second session handle.
           shandle3 Third session handle.
           nonceTPM The policy nonce for the session.
           cpHashA Digest of the command parameters to which this authorization is limited.
           policyRef A reference to a policy relating to the authorization

           • may be the Empty Buffer.

           expiration Time when authorization will expire, measured in seconds from the time that
           nonceTPM was generated.

       Return values
           ESYS_RC_SUCCESS if the function call was a success.
           TSS2_ESYS_RC_BAD_REFERENCE if the esysContext or required input pointers or required
           output handle references are NULL.
           TSS2_ESYS_RC_BAD_CONTEXT if esysContext corruption is detected.
           TSS2_ESYS_RC_MEMORY if the ESAPI cannot allocate enough memory for internal operations
           or return parameters.
           TSS2_RCs produced by lower layers of the software stack may be returned to the caller
           unaltered unless handled internally.
           TSS2_ESYS_RC_MULTIPLE_DECRYPT_SESSIONS if more than one session has the 'decrypt'
           attribute bit set.
           TSS2_ESYS_RC_MULTIPLE_ENCRYPT_SESSIONS if more than one session has the 'encrypt'
           attribute bit set.
           TSS2_ESYS_RC_BAD_TR if any of the ESYS_TR objects are unknown to the ESYS_CONTEXT or
           are of the wrong type or if required ESYS_TR objects are ESYS_TR_NONE.

   TSS2_RC Esys_PolicySecret_Finish (ESYS_CONTEXT * esysContext, TPM2B_TIMEOUT ** timeout,
       TPMT_TK_AUTH ** policyTicket)
       Asynchronous finish function for TPM2_PolicySecret

       This function returns the results of a TPM2_PolicySecret command invoked via
       Esys_PolicySecret_Finish. All non-simple output parameters are allocated by the function's
       implementation. NULL can be passed for every output parameter if the value is not
       required.

       Parameters
           esysContext The ESYS_CONTEXT.
           timeout Implementation-specific time value used to indicate to the TPM when the ticket
           expires; this ticket will use the TPMT_ST_AUTH_SECRET structure tag. (callee-
           allocated)
           policyTicket Produced if the command succeeds and expiration in the command was non-
           zero ( See 23.2.5). (callee-allocated)

       Return values
           TSS2_RC_SUCCESS on success
           ESYS_RC_SUCCESS if the function call was a success.
           TSS2_ESYS_RC_BAD_REFERENCE if the esysContext or required input pointers or required
           output handle references are NULL.
           TSS2_ESYS_RC_BAD_CONTEXT if esysContext corruption is detected.
           TSS2_ESYS_RC_MEMORY if the ESAPI cannot allocate enough memory for internal operations
           or return parameters.
           TSS2_ESYS_RC_BAD_SEQUENCE if the context has an asynchronous operation already
           pending.
           TSS2_ESYS_RC_TRY_AGAIN if the timeout counter expires before the TPM response is
           received.
           TSS2_ESYS_RC_INSUFFICIENT_RESPONSE if the TPM's response does not at least contain the
           tag, response length, and response code.
           TSS2_ESYS_RC_RSP_AUTH_FAILED if the response HMAC from the TPM did not verify.
           TSS2_ESYS_RC_MALFORMED_RESPONSE if the TPM's response is corrupted.
           TSS2_RCs produced by lower layers of the software stack may be returned to the caller
           unaltered unless handled internally.

Author

       Generated automatically by Doxygen for tpm2-tss from the source code.