Fapi_Sign

NAME

Fapi_Sign − Fapi_Sign

SYNOPSIS

Functions

TSS2_RC Fapi_Sign (FAPI_CONTEXT *context, char const *keyPath, char const *padding, uint8_t const *digest, size_t digestSize, uint8_t **signature, size_t *signatureSize, char **publicKey, char **certificate)
TSS2_RC Fapi_Sign_Async (FAPI_CONTEXT *context, char const *keyPath, char const *padding, uint8_t const *digest, size_t digestSize)
TSS2_RC Fapi_Sign_Finish (FAPI_CONTEXT *context, uint8_t **signature, size_t *signatureSize, char **publicKey, char **certificate)

Detailed Description

FAPI functions to invoke Sign either as one-call or in an asynchronous manner.

Function Documentation

Fapi_Sign (FAPI_CONTEXT * context, char const * keyPath, char const * padding, uint8_t const * digest, size_t digestSize, uint8_t ** signature, size_t * signatureSize, char ** publicKey, char ** certificate)
One-Call function for Fapi_Sign

Uses a key, identified by its path, to sign a digest and puts the result in a TPM2B bytestream.

Parameters

context The FAPI_CONTEXT
keyPath
The path of the signature key
padding
A padding algorithm. Must be either ’RSA_SSA’ or ’RSA_PSS’ or NULL
digest
The digest to sign. Must be already hashed
digestSize
The size of the digest in bytes
signature
The signature
signatureSize
The size of signature in bytes. May be NULL
publicKey
The public key that can be used to verify signature in PEM format. May be NULL
certificate
The certificate associated with the signing key in PEM format. May be NULL

Return values

TSS2_RC_SUCCESS if the function call was a success.
TSS2_FAPI_RC_BAD_REFERENCE
if context, keyPath, digest or signature is NULL.
TSS2_FAPI_RC_BAD_CONTEXT
if context corruption is detected.
TSS2_FAPI_RC_KEY_NOT_FOUND
if keyPath does not map to a FAPI key.
TSS2_FAPI_RC_BAD_KEY
if the object at keyPath is not a key, or is a key that is unsuitable for the requested operation.
TSS2_FAPI_RC_BAD_VALUE
if the digestSize is zero.
TSS2_FAPI_RC_BAD_SEQUENCE
if the context has an asynchronous operation already pending.
TSS2_FAPI_RC_IO_ERROR
if the data cannot be saved.
TSS2_FAPI_RC_MEMORY
if the FAPI cannot allocate enough memory for internal operations or return parameters.
TSS2_FAPI_RC_NO_TPM
if FAPI was initialized in no-TPM-mode via its config file.
TSS2_FAPI_RC_TRY_AGAIN
if an I/O operation is not finished yet and this function needs to be called again.
TSS2_FAPI_RC_PATH_NOT_FOUND
if a FAPI object path was not found during authorization.
TSS2_FAPI_RC_GENERAL_FAILURE
if an internal error occurred.
TSS2_FAPI_RC_AUTHORIZATION_UNKNOWN
if a required authorization callback is not set.
TSS2_FAPI_RC_AUTHORIZATION_FAILED
if the authorization attempt fails.
TSS2_FAPI_RC_POLICY_UNKNOWN
if policy search for a certain policy digest was not successful.
TSS2_ESYS_RC_*
possible error codes of ESAPI.
TSS2_FAPI_RC_NOT_PROVISIONED
FAPI was not provisioned.
TSS2_FAPI_RC_BAD_PATH
if the path is used in inappropriate context or contains illegal characters.

Fapi_Sign_Async (FAPI_CONTEXT * context, char const * keyPath, char const * padding, uint8_t const * digest, size_t digestSize)
Asynchronous function for Fapi_Sign

Uses a key, identified by its path, to sign a digest and puts the result in a TPM2B bytestream.

Call Fapi_Sign_Finish to finish the execution of this command.

Parameters

context The FAPI_CONTEXT
keyPath
The path of the signature key
padding
A padding algorithm. Must be either ’RSA_SSA’ or ’RSA_PSS’ or NULL
digest
The digest to sign. Must be already hashed
digestSize
The size of the digest in bytes

Return values

TSS2_RC_SUCCESS if the function call was a success.
TSS2_FAPI_RC_BAD_REFERENCE
if context, keyPath or digest is NULL.
TSS2_FAPI_RC_BAD_CONTEXT
if context corruption is detected.
TSS2_FAPI_RC_KEY_NOT_FOUND
if keyPath does not map to a FAPI key.
TSS2_FAPI_RC_BAD_KEY
if the object at keyPath is not a key, or is a key that is unsuitable for the requested operation.
TSS2_FAPI_RC_BAD_VALUE
if the digestSize is zero.
TSS2_FAPI_RC_BAD_SEQUENCE
if the context has an asynchronous operation already pending.
TSS2_FAPI_RC_IO_ERROR
if the data cannot be saved.
TSS2_FAPI_RC_MEMORY
if the FAPI cannot allocate enough memory for internal operations or return parameters.
TSS2_FAPI_RC_NO_TPM
if FAPI was initialized in no-TPM-mode via its config file.

Fapi_Sign_Finish (FAPI_CONTEXT * context, uint8_t ** signature, size_t * signatureSize, char ** publicKey, char ** certificate)
Asynchronous finish function for Fapi_Sign

This function should be called after a previous Fapi_Sign_Async.

Parameters

context The FAPI_CONTEXT
signature
The signature
signatureSize
The size of signature in bytes. May be NULL
publicKey
The public key that can be used to verify signature in PEM format. May be NULL
certificate
The certificate associated with the signing key in PEM format. May be NULL

Return values

TSS2_RC_SUCCESS if the function call was a success.
TSS2_FAPI_RC_BAD_REFERENCE
if context or signature is NULL.
TSS2_FAPI_RC_BAD_CONTEXT
if context corruption is detected.
TSS2_FAPI_RC_BAD_SEQUENCE
if the context has an asynchronous operation already pending.
TSS2_FAPI_RC_IO_ERROR
if the data cannot be saved.
TSS2_FAPI_RC_MEMORY
if the FAPI cannot allocate enough memory for internal operations or return parameters.
TSS2_FAPI_RC_TRY_AGAIN
if the asynchronous operation is not yet complete. Call this function again later.
TSS2_FAPI_RC_PATH_NOT_FOUND
if a FAPI object path was not found during authorization.
TSS2_FAPI_RC_KEY_NOT_FOUND
if a key was not found.
TSS2_FAPI_RC_BAD_VALUE
if an invalid value was passed into the function.
TSS2_FAPI_RC_GENERAL_FAILURE
if an internal error occurred.
TSS2_FAPI_RC_AUTHORIZATION_UNKNOWN
if a required authorization callback is not set.
TSS2_FAPI_RC_AUTHORIZATION_FAILED
if the authorization attempt fails.
TSS2_FAPI_RC_POLICY_UNKNOWN
if policy search for a certain policy digest was not successful.
TSS2_ESYS_RC_*
possible error codes of ESAPI.
TSS2_FAPI_RC_NOT_PROVISIONED
FAPI was not provisioned.
TSS2_FAPI_RC_BAD_PATH
if the path is used in inappropriate context or contains illegal characters.

Author

Generated automatically by Doxygen for tpm2-tss from the source code.