1 | // =================================================================== |
---|
2 | // |
---|
3 | // Copyright (c) 2005, Intel Corp. |
---|
4 | // All rights reserved. |
---|
5 | // |
---|
6 | // Redistribution and use in source and binary forms, with or without |
---|
7 | // modification, are permitted provided that the following conditions |
---|
8 | // are met: |
---|
9 | // |
---|
10 | // * Redistributions of source code must retain the above copyright |
---|
11 | // notice, this list of conditions and the following disclaimer. |
---|
12 | // * Redistributions in binary form must reproduce the above |
---|
13 | // copyright notice, this list of conditions and the following |
---|
14 | // disclaimer in the documentation and/or other materials provided |
---|
15 | // with the distribution. |
---|
16 | // * Neither the name of Intel Corporation nor the names of its |
---|
17 | // contributors may be used to endorse or promote products derived |
---|
18 | // from this software without specific prior written permission. |
---|
19 | // |
---|
20 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
---|
21 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
---|
22 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
---|
23 | // FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
---|
24 | // COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
---|
25 | // INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES |
---|
26 | // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR |
---|
27 | // SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
---|
28 | // HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
---|
29 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
---|
30 | // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
---|
31 | // OF THE POSSIBILITY OF SUCH DAMAGE. |
---|
32 | // =================================================================== |
---|
33 | |
---|
34 | #include <stdlib.h> |
---|
35 | #include <string.h> |
---|
36 | #include <stdio.h> |
---|
37 | |
---|
38 | #include "buffer.h" |
---|
39 | #include "tcg.h" |
---|
40 | |
---|
41 | // Helper code for the consts, eg. to produce messages for error codes. |
---|
42 | |
---|
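/*
 * One row of the TPM result-code lookup table: the numeric result code,
 * the name of that constant as a string, and a human-readable message.
 *
 * Both string members point to const char because the table in this file
 * initialises them from string literals, and writing through a pointer to a
 * string literal is undefined behaviour. With the members const-qualified,
 * an accidental write is rejected at compile time.
 */
typedef struct error_code_entry_t {
  TPM_RESULT  code;
  const char *code_name;
  const char *msg;
} error_code_entry_t;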
---|
48 | |
---|
/*
 * Table of TPM result codes with their symbolic name and message.
 *
 * TPM_ERROR_ENTRY stringifies its first argument, so the name column is
 * generated from the constant itself and cannot drift out of step with it.
 * The message text is kept verbatim, including its original spelling,
 * because it is emitted at run time and log consumers may match on it.
 */
#define TPM_ERROR_ENTRY(code, msg) { code, #code, msg }

static const error_code_entry_t error_msgs [] = {
  TPM_ERROR_ENTRY(TPM_SUCCESS, "Successful completion of the operation"),
  TPM_ERROR_ENTRY(TPM_AUTHFAIL, "Authentication failed"),
  TPM_ERROR_ENTRY(TPM_BADINDEX, "The index to a PCR, DIR or other register is incorrect"),
  TPM_ERROR_ENTRY(TPM_BAD_PARAMETER, "One or more parameter is bad"),
  TPM_ERROR_ENTRY(TPM_AUDITFAILURE, "An operation completed successfully but the auditing of that operation failed."),
  TPM_ERROR_ENTRY(TPM_CLEAR_DISABLED, "The clear disable flag is set and all clear operations now require physical access"),
  TPM_ERROR_ENTRY(TPM_DEACTIVATED, "The TPM is deactivated"),
  TPM_ERROR_ENTRY(TPM_DISABLED, "The TPM is disabled"),
  TPM_ERROR_ENTRY(TPM_DISABLED_CMD, "The target command has been disabled"),
  TPM_ERROR_ENTRY(TPM_FAIL, "The operation failed"),
  TPM_ERROR_ENTRY(TPM_BAD_ORDINAL, "The ordinal was unknown or inconsistent"),
  TPM_ERROR_ENTRY(TPM_INSTALL_DISABLED, "The ability to install an owner is disabled"),
  TPM_ERROR_ENTRY(TPM_INVALID_KEYHANDLE, "The key handle presented was invalid"),
  TPM_ERROR_ENTRY(TPM_KEYNOTFOUND, "The target key was not found"),
  TPM_ERROR_ENTRY(TPM_INAPPROPRIATE_ENC, "Unacceptable encryption scheme"),
  TPM_ERROR_ENTRY(TPM_MIGRATEFAIL, "Migration authorization failed"),
  TPM_ERROR_ENTRY(TPM_INVALID_PCR_INFO, "PCR information could not be interpreted"),
  TPM_ERROR_ENTRY(TPM_NOSPACE, "No room to load key."),
  TPM_ERROR_ENTRY(TPM_NOSRK, "There is no SRK set"),
  TPM_ERROR_ENTRY(TPM_NOTSEALED_BLOB, "An encrypted blob is invalid or was not created by this TPM"),
  TPM_ERROR_ENTRY(TPM_OWNER_SET, "There is already an Owner"),
  TPM_ERROR_ENTRY(TPM_RESOURCES, "The TPM has insufficient internal resources to perform the requested action."),
  TPM_ERROR_ENTRY(TPM_SHORTRANDOM, "A random string was too short"),
  TPM_ERROR_ENTRY(TPM_SIZE, "The TPM does not have the space to perform the operation."),
  TPM_ERROR_ENTRY(TPM_WRONGPCRVAL, "The named PCR value does not match the current PCR value."),
  TPM_ERROR_ENTRY(TPM_BAD_PARAM_SIZE, "The paramSize argument to the command has the incorrect value"),
  TPM_ERROR_ENTRY(TPM_SHA_THREAD, "There is no existing SHA-1 thread."),
  TPM_ERROR_ENTRY(TPM_SHA_ERROR, "The calculation is unable to proceed because the existing SHA-1 thread has already encountered an error."),
  TPM_ERROR_ENTRY(TPM_FAILEDSELFTEST, "Self-test has failed and the TPM has shutdown."),
  TPM_ERROR_ENTRY(TPM_AUTH2FAIL, "The authorization for the second key in a 2 key function failed authorization"),
  TPM_ERROR_ENTRY(TPM_BADTAG, "The tag value sent to for a command is invalid"),
  TPM_ERROR_ENTRY(TPM_IOERROR, "An IO error occurred transmitting information to the TPM"),
  TPM_ERROR_ENTRY(TPM_ENCRYPT_ERROR, "The encryption process had a problem."),
  TPM_ERROR_ENTRY(TPM_DECRYPT_ERROR, "The decryption process did not complete."),
  TPM_ERROR_ENTRY(TPM_INVALID_AUTHHANDLE, "An invalid handle was used."),
  TPM_ERROR_ENTRY(TPM_NO_ENDORSEMENT, "The TPM does not a EK installed"),
  TPM_ERROR_ENTRY(TPM_INVALID_KEYUSAGE, "The usage of a key is not allowed"),
  TPM_ERROR_ENTRY(TPM_WRONG_ENTITYTYPE, "The submitted entity type is not allowed"),
  TPM_ERROR_ENTRY(TPM_INVALID_POSTINIT, "The command was received in the wrong sequence relative to TPM_Init and a subsequent TPM_Startup"),
  TPM_ERROR_ENTRY(TPM_INAPPROPRIATE_SIG, "Signed data cannot include additional DER information"),
  TPM_ERROR_ENTRY(TPM_BAD_KEY_PROPERTY, "The key properties in TPM_KEY_PARMs are not supported by this TPM"),

  TPM_ERROR_ENTRY(TPM_BAD_MIGRATION, "The migration properties of this key are incorrect."),
  TPM_ERROR_ENTRY(TPM_BAD_SCHEME, "The signature or encryption scheme for this key is incorrect or not permitted in this situation."),
  TPM_ERROR_ENTRY(TPM_BAD_DATASIZE, "The size of the data (or blob) parameter is bad or inconsistent with the referenced key"),
  TPM_ERROR_ENTRY(TPM_BAD_MODE, "A mode parameter is bad, such as capArea or subCapArea for TPM_GetCapability, phsicalPresence parameter for TPM_PhysicalPresence, or migrationType for TPM_CreateMigrationBlob."),
  TPM_ERROR_ENTRY(TPM_BAD_PRESENCE, "Either the physicalPresence or physicalPresenceLock bits have the wrong value"),
  TPM_ERROR_ENTRY(TPM_BAD_VERSION, "The TPM cannot perform this version of the capability"),
  TPM_ERROR_ENTRY(TPM_NO_WRAP_TRANSPORT, "The TPM does not allow for wrapped transport sessions"),
  TPM_ERROR_ENTRY(TPM_AUDITFAIL_UNSUCCESSFUL, "TPM audit construction failed and the underlying command was returning a failure code also"),
  TPM_ERROR_ENTRY(TPM_AUDITFAIL_SUCCESSFUL, "TPM audit construction failed and the underlying command was returning success"),
  TPM_ERROR_ENTRY(TPM_NOTRESETABLE, "Attempt to reset a PCR register that does not have the resettable attribute"),
  TPM_ERROR_ENTRY(TPM_NOTLOCAL, "Attempt to reset a PCR register that requires locality and locality modifier not part of command transport"),
  TPM_ERROR_ENTRY(TPM_BAD_TYPE, "Make identity blob not properly typed"),
  TPM_ERROR_ENTRY(TPM_INVALID_RESOURCE, "When saving context identified resource type does not match actual resource"),
  TPM_ERROR_ENTRY(TPM_NOTFIPS, "The TPM is attempting to execute a command only available when in FIPS mode"),
  TPM_ERROR_ENTRY(TPM_INVALID_FAMILY, "The command is attempting to use an invalid family ID"),
  TPM_ERROR_ENTRY(TPM_NO_NV_PERMISSION, "The permission to manipulate the NV storage is not available"),
  TPM_ERROR_ENTRY(TPM_REQUIRES_SIGN, "The operation requires a signed command"),
  TPM_ERROR_ENTRY(TPM_KEY_NOTSUPPORTED, "Wrong operation to load an NV key"),
  TPM_ERROR_ENTRY(TPM_AUTH_CONFLICT, "NV_LoadKey blob requires both owner and blob authorization"),
  TPM_ERROR_ENTRY(TPM_AREA_LOCKED, "The NV area is locked and not writtable"),
  TPM_ERROR_ENTRY(TPM_BAD_LOCALITY, "The locality is incorrect for the attempted operation"),
  TPM_ERROR_ENTRY(TPM_READ_ONLY, "The NV area is read only and can't be written to"),
  TPM_ERROR_ENTRY(TPM_PER_NOWRITE, "There is no protection on the write to the NV area"),
  TPM_ERROR_ENTRY(TPM_FAMILYCOUNT, "The family count value does not match"),
  TPM_ERROR_ENTRY(TPM_WRITE_LOCKED, "The NV area has already been written to"),
  TPM_ERROR_ENTRY(TPM_BAD_ATTRIBUTES, "The NV area attributes conflict"),
  TPM_ERROR_ENTRY(TPM_INVALID_STRUCTURE, "The structure tag and version are invalid or inconsistent"),
  TPM_ERROR_ENTRY(TPM_KEY_OWNER_CONTROL, "The key is under control of the TPM Owner and can only be evicted by the TPM Owner."),
  TPM_ERROR_ENTRY(TPM_BAD_COUNTER, "The counter handle is incorrect"),
  TPM_ERROR_ENTRY(TPM_NOT_FULLWRITE, "The write is not a complete write of the area"),
  TPM_ERROR_ENTRY(TPM_CONTEXT_GAP, "The gap between saved context counts is too large"),
  TPM_ERROR_ENTRY(TPM_MAXNVWRITES, "The maximum number of NV writes without an owner has been exceeded"),
  TPM_ERROR_ENTRY(TPM_NOOPERATOR, "No operator authorization value is set"),
  TPM_ERROR_ENTRY(TPM_RESOURCEMISSING, "The resource pointed to by context is not loaded"),
  TPM_ERROR_ENTRY(TPM_DELEGATE_LOCK, "The delegate administration is locked"),
  TPM_ERROR_ENTRY(TPM_DELEGATE_FAMILY, "Attempt to manage a family other then the delegated family"),
  TPM_ERROR_ENTRY(TPM_DELEGATE_ADMIN, "Delegation table management not enabled"),
  TPM_ERROR_ENTRY(TPM_TRANSPORT_EXCLUSIVE, "There was a command executed outside of an exclusive transport session"),
};

#undef TPM_ERROR_ENTRY
---|
131 | |
---|
132 | |
---|
/*
 * Return the symbolic name (for example "TPM_AUTHFAIL") of a TPM result code.
 *
 * The returned pointer refers to a string literal, so callers must not
 * modify or free it. Every code without a row in error_msgs yields the same
 * "Unknown Error Code" string; a caller that logs the name should log the
 * numeric code too, so that unrecognised results stay distinguishable.
 */
const char* tpm_get_error_name (TPM_RESULT code) {
  const error_code_entry_t *entry = error_msgs;
  const error_code_entry_t *const end =
      error_msgs + sizeof(error_msgs) / sizeof(error_msgs[0]);

  // Linear scan: the first row whose code matches wins.
  for (; entry != end; ++entry) {
    if (entry->code == code) {
      return entry->code_name;
    }
  }

  return "Unknown Error Code";
}
---|