csu3_am335x/EVSE/GPL/tpm2-tss-3.2.0/doxygen-doc/man/EsysTestgroup.3

.TH "EsysTestgroup" 3 "Fri Oct 7 2022" "Version 3.2.0" "tpm2-tss" \" -*- nroff -*-
.ad l
.nh
.SH NAME
EsysTestgroup \- For every integration test a function with a name corresponding to the name of the source code file of the test is created: test_esys_<test_name>(ESYS_CONTEXT * esys_context)\&. This function is called by the standard function test_invoke_esapi in every integration test\&.  

.SH SYNOPSIS
.br
.PP

.in +1c
.ti -1c
.RI "int \fBtest_esys_evict_control_serialization\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_lock\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_get_capability\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_zgen_2phase\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_verify_signature\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_import\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_policy_regression\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_policy_authorize_nv_opt\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_policy_physical_presence_opt\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_policy_template_opt\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_policy_ticket\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_change_eps\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_policy_nv_undefine_special\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_create_fail\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_testparms\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_create_password_auth\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_stir_random\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_clockset\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_clear_control\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_nv_ram_extend_index\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_save_and_load_context\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_encrypt_decrypt\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_createloaded\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_audit\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_policy_password\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_tpm_tests\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_certify\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_pcr_basic\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_quote\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_tr_getName_hierarchy\fP (\fBESYS_CONTEXT\fP *ectx)"
.br
.ti -1c
.RI "int \fBtest_esys_field_upgrade\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_unseal_password_auth\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_nv_ram_set_bits\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_nv_certify\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_ecdh_keygen\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_tr_fromTpmPublic_key\fP (\fBESYS_CONTEXT\fP *ectx)"
.br
.ti -1c
.RI "int \fBtest_esys_ecdh_zgen\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_certify_creation\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_nv_ram_counter\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_event_sequence_complete\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_create_session_auth\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_tr_fromTpmPublic_nv\fP (\fBESYS_CONTEXT\fP *ectx)"
.br
.ti -1c
.RI "int \fBtest_esys_create_primary_hmac\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_firmware_read\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_hmacsequencestart\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_hmac\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_ecc_parameters\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_hierarchychangeauth\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_pcr_auth_value\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_nv_ram_ordinary_index\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_duplicate\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_rsa_encrypt_decrypt\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_set_algorithm_set\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_object_changeauth\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_pp_commands\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_clear\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_policy_authorize\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_get_time\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_make_credential\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_commit\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.ti -1c
.RI "int \fBtest_esys_policy_nv_changeauth\fP (\fBESYS_CONTEXT\fP *esys_context)"
.br
.in -1c
.SH "Detailed Description"
.PP 
For every integration test a function with a name corresponding to the name of the source code file of the test is created: test_esys_<test_name>(ESYS_CONTEXT * esys_context)\&. This function is called by the standard function test_invoke_esapi in every integration test\&. 

For some tests different test cases can be created with compiler defines to avoid duplicate code in different test cases\&.The following defines are used and listed in the function's documentation if used:
.IP "\(bu" 2
TEST_ECC Create an ECC key instead of an RSA key\&.
.IP "\(bu" 2
TEST_SESSION Use session authentication instead of password authentication\&.
.IP "\(bu" 2
TEST_READ_LOCK Activate test of Esys_NV_ReadLock\&.
.IP "\(bu" 2
TEST_WRITE_LOCK Activate test of Esys_NV_WriteLock\&.
.IP "\(bu" 2
TEST_XOR_OBFUSCATION Use xor obfuscation for parameter encryption\&.
.IP "\(bu" 2
TEST_AES_ENCRYPTION Use AES for parameter encryption\&.
.IP "\(bu" 2
TEST_BOUND_SESSION Run test with a bound session\&.
.PP
.PP
The ESAPI command calls which are used in a test are listed in the function's documentation and are marked according to the PC Client Profile Revision 01\&.03 v22:
.IP "\(bu" 2
(M) Mandatory
.IP "\(bu" 2
(O) Optional
.IP "\(bu" 2
(F) Commands added after TPM Specification Rev\&. 1\&.16 is integrated\&. 
.PP

.SH "Function Documentation"
.PP 
.SS "test_esys_audit (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS audit commands\&.
.PP
First a key for signing the audit digest is computed\&. A audit session is started, and for the command GetCapability the command audit digest and the session audit digest is computed\&. (Esys_GetCommandAuditDigest, Esys_GetSessionAuditDigest)\&. In the last test the audit hash alg is changed with Esys_SetCommandCodeAuditStatus\&.
.PP
\fBNote:\fP platform authorization needed\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_GetCapability()\fP (M)
.IP "\(bu" 2
\fBEsys_GetCommandAuditDigest()\fP (O)
.IP "\(bu" 2
\fBEsys_GetSessionAuditDigest()\fP (M)
.IP "\(bu" 2
\fBEsys_SetCommandCodeAuditStatus()\fP (O)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_certify (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the command Esys_Certify\&.
.PP
We create a RSA primary signing key which will be used as signing key and as object for the certify command\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Certify()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_certify_creation (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the command Esys_CertifyCreation\&.
.PP
We create a RSA primary signing key which will be used as signing key and as object for the certify creation\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CertifyCreation()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_change_eps (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS function Esys_ChangeEPS\&.
.PP
\fBNote:\fP platform authorization needed\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_ChangeEPS()\fP (O)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_clear (\fBESYS_CONTEXT\fP * esys_context)"
Test of the ESYS function Esys_Clear\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Clear()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
Used compiler defines: TEST_SESSION
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_clear_control (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS function Esys_ClearControl\&.
.PP
The clear command will be disabled and with Esys_Clear it will be checked whether clear is disabled\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Clear()\fP (M)
.IP "\(bu" 2
\fBEsys_ClearControl()\fP (M)
.PP
.PP
*\fBNote:\fP platform authorization needed\&.
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_clockset (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS function Esys_ClockSet and Esys_ReadClock\&.
.PP
\fBNote:\fP platform authorization needed\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_ClockRateAdjust()\fP (M)
.IP "\(bu" 2
\fBEsys_ClockSet()\fP (M)
.IP "\(bu" 2
\fBEsys_ReadClock()\fP (M)
.PP
.PP
Used compiler defines: TEST_SESSION
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_commit (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test Esys_Commit\&. based on an ECC key created with Esys_CreatePrimary Esys_Commit is called with a point from the primary key\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Commit()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_create_fail (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test password authentication\&.
.PP
We start by creating a primary key (Esys_CreatePrimary)\&. Based in the primary several calls with NULL parameters, which should not be allowed, will be tested\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Create()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.PP
.PP
Used compiler defines: TEST_ECC
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_create_password_auth (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test password authentication for the ESYS command Create\&.
.PP
We start by creating a primary key (Esys_CreatePrimary)\&. Based in the primary a second key with an password define in the sensitive area will be created\&. This key will be loaded and will be used as parent to create a third key\&. Password authentication will be used to create this key\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Create()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_Load()\fP (M)
.PP
.PP
Used compiler defines: TEST_ECC
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_create_primary_hmac (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test Esys_CreatePrimary with hmac verification\&.
.PP
The test can be executed with RSA or ECC keys\&. ECC will be used if ECC is defined\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
Used compiler defines: TEST_ECC
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_create_session_auth (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test parameter encryption/decryption, session management, hmac computation, and session key generation\&.
.PP
We start by creating a primary key (Esys_CreatePrimary)\&. The primary key will be used as tpmKey for Esys_StartAuthSession\&. Parameter encryption and decryption will be activated for the session\&. The session will be used to Create a second key by Eys_Create (with password) This key will be Loaded to and a third key will be created with the second key as parent key (Esys_Create)\&. The type of encryptin can be selected by the compiler variables (-D option): TEST_XOR_OBFUSCATION or TEST_AES_ENCRYPTION\&. Secret exchange with a ECC key can be activated with the compiler variable -D TEST_ECC\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_ContextLoad()\fP (M)
.IP "\(bu" 2
\fBEsys_ContextSave()\fP (M)
.IP "\(bu" 2
\fBEsys_Create()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_Load()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
Used compiler defines: TEST_ECC, TEST_AES_ENCRYPTION, TEST_BOUND_SESSION TEST_XOR_OBFUSCATION
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_createloaded (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS command CreateLoaded\&.
.PP
We start by creating a primary key (Esys_CreatePrimary)\&. This primary key will be used as parent key for CreateLoaded\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
Esys_CreateLoaded() (F)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.IP "\(bu" 2
\fBEsys_TR_GetName()\fP (M)
.IP "\(bu" 2
Esys_TR_ReadPublic() (M)
.PP
.PP
Used compiler defines: TEST_SESSION
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_duplicate (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS commands Duplicate and Rewrap\&.
.PP
We start by creating a primary key (Esys_CreatePrimary)\&. This primary key will be used as parent key for the Duplicate command\&. A second primary key will be the parent key of the duplicated key\&. In the last step the key is rewrapped with the first primary key as parent key\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Create()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_Duplicate()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_Load()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyAuthValue()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyCommandCode()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyGetDigest()\fP (M)
.IP "\(bu" 2
\fBEsys_ReadPublic()\fP (M)
.IP "\(bu" 2
\fBEsys_Rewrap()\fP (O)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_ecc_parameters (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS function Esys_ECC_Parameters\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_ECC_Parameters()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_ecdh_keygen (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test Esys_ECDH_KeyGen based on an ECC key created with Esys_CreatePrimary\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_ECDH_KeyGen()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_ecdh_zgen (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test Esys_ECDH_ZGen\&. based on an ECC key created with Esys_CreatePrimary and a dummy ECC point\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_ECDH_ZGen()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_encrypt_decrypt (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS function Esys_EncryptDecrypt\&.
.PP
First a primary key is generated\&. This key will be uses as parent fo a symmetric key, which will be used to encrypt and decrypt a tpm2b\&. The result will be compared\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Create()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_EncryptDecrypt()\fP (O)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_Load()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_event_sequence_complete (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS commands HashSequenceStart, SequenceUpdate, and EventSequenceComplete\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_EventSequenceComplete()\fP (M)
.IP "\(bu" 2
\fBEsys_HashSequenceStart()\fP (M)
.IP "\(bu" 2
\fBEsys_SequenceUpdate()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP
< enforce event Sequence 
.SS "test_esys_evict_control_serialization (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test EvictControl and ESYS Serialization\&.
.PP
We start by creating a primary key (Esys_CreatePrimary)\&. Based on this key a persistent object is created (Esys_EvictControl)\&. The resource of this object will be serialized and deserialized with the corresponding ESYS functions (Esys_TR_Serialize, Esys_TR_Deserialize)\&. To check whether the deserialization was successful a new object will be created with the handle returned by the deserialize function\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Create()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_EvictControl()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_field_upgrade (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS function Esys_FieldUpgradeStart and Esys_FieldUpgradeData\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
Esys_FieldUpgradeData() (O)
.IP "\(bu" 2
Esys_FieldUpgradeStart() (O)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_firmware_read (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS function Esys_FirmwareRead\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
Esys_FirmwareRead() (O)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_get_capability (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS get capability command\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_GetCapability()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_get_time (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the GetTime command with password authentication\&.
.PP
We create a RSA primary signing key which will be used for signing\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_GetTime()\fP (O)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_hierarchychangeauth (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the change of an authorization value of a hierarchy\&.
.PP
To check whether the change was successful a primary key is created with the handle of this hierarchy and the new authorization\&. Also second primary is created after a call of Esys_TR_SetAuth with the new auth value\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_HierarchyChangeAuth()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_hmac (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS command Esys_HMAC with password authentication\&.
.PP
We create a symmetric HMAC key signing key which will be used for signing\&. This key will be used to create the HMAC for a test buffer\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_HMAC()\fP (O)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_hmacsequencestart (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS commands: HMAC_Start, SequenceUpdate, and SequenceComplete\&.
.PP
The HMAC key is created by using Esys_CreatePrimary\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_HMAC_Start()\fP (M)
.IP "\(bu" 2
Esys_SequenceComplete() (M)
.IP "\(bu" 2
\fBEsys_SequenceUpdate()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
Used compiler defines: TEST_SESSION
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_import (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS commands Duplicate and Import\&.
.PP
We start by creating a primary key (Esys_CreatePrimary)\&. This primary key will be used as parent key for the Duplicate command\&. A second primary key will be the parent key of the duplicated key\&. In the last step the key is imported with the first primary key as parent key (Esys_Import)\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Create()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_Duplicate()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_Import()\fP (M)
.IP "\(bu" 2
\fBEsys_Load()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyAuthValue()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyCommandCode()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyGetDigest()\fP (M)
.IP "\(bu" 2
\fBEsys_ReadPublic()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_lock (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS functions related to TPM locks\&.
.PP
\fBNote:\fP platform authorization needed\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_DictionaryAttackLockReset()\fP (M)
.IP "\(bu" 2
\fBEsys_DictionaryAttackParameters()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_GlobalWriteLock()\fP (O)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_make_credential (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the function Esys_MakeCredential We start by creating a primary key (Esys_CreatePrimary)\&.
.PP
Based in the primary a second key will be created\&. The public part of the key will be loaded by the function Esys_LoadExternal\&. A credential will be encrypted with this key with the command Esys_MakeCredential\&. The credential will be activated with Esys_ActivateCredential\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_ActivateCredential()\fP (M)
.IP "\(bu" 2
\fBEsys_Create()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_Load()\fP (M)
.IP "\(bu" 2
Esys_LoadExternal() (M)
.IP "\(bu" 2
\fBEsys_MakeCredential()\fP (M)
.IP "\(bu" 2
\fBEsys_ReadPublic()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
Used compiler defines: TEST_SESSION
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_nv_certify (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the command Esys_NV_Certify\&.
.PP
We create a RSA primary signing key which will be used as signing key for the NV data\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_Certify()\fP (O)
.IP "\(bu" 2
\fBEsys_NV_DefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_UndefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_Write()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_nv_ram_counter (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the definition of a counter in NV ram and to test the ESYS NV_Increment function\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_DefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_Increment()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_Read()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_ReadPublic()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_UndefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
Used compiler defines: TEST_SESSION
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_nv_ram_extend_index (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS nv define space, nv extend, and nv read command\&. The names stored in the ESYS resource are compared with the names delivered from the TPM by the command ReadPublic\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_DefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_Extend()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_Read()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_ReadPublic()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_UndefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
Used compiler defines: TEST_SESSION
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_nv_ram_ordinary_index (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS commands nv define space, nv write, nv read command, nv lock write and nv lock read, and nv undefine\&.
.PP
The names stored in the ESYS resource are compared with the names delivered from the TPM by the command ReadPublic\&. only one of the tests NV_ReadLock and NV_WriteLock can be activated by the defines TEST_READ_LOCK and TEST_WRITE_LOCK (-D option)
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_DefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_Read()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_ReadLock()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_ReadPublic()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_UndefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_Write()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_WriteLock()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
Used compiler defines: TEST_READ_LOCK TEST_SESSION TEST_WRITE_LOCK
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_nv_ram_set_bits (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the definition of a bit field in NV ram and to test the ESYS NV_SetBits function\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_DefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_Read()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_ReadPublic()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_SetBits()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_UndefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
Used compiler defines: TEST_SESSION
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_object_changeauth (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS command ObjectChangeAuth\&.
.PP
We start by creating a primary key (Esys_CreatePrimary)\&. The auth value for this primary will be changed\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Create()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_Load()\fP (M)
.IP "\(bu" 2
\fBEsys_ObjectChangeAuth()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_pcr_auth_value (\fBESYS_CONTEXT\fP * esys_context)"
Test the commands Esys_PCR_SetAuthValue and Esys_PCR_SetAuthPolicy\&.
.PP
\fBNote:\fP platform authorization needed\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_PCR_SetAuthPolicy()\fP (O)
.IP "\(bu" 2
\fBEsys_PCR_SetAuthValue()\fP (O)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_pcr_basic (\fBESYS_CONTEXT\fP * esys_context)"
Test the basic commands for PCR processing\&.
.PP
\fBNote:\fP platform authorization needed\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_PCR_Allocate()\fP (M)
.IP "\(bu" 2
\fBEsys_PCR_Event()\fP (M)
.IP "\(bu" 2
\fBEsys_PCR_Extend()\fP (M)
.IP "\(bu" 2
\fBEsys_PCR_Read()\fP (M)
.IP "\(bu" 2
\fBEsys_PCR_Reset()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_policy_authorize (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS policy authorization\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyAuthorize()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyGetDigest()\fP (M)
.IP "\(bu" 2
\fBEsys_ReadPublic()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_policy_authorize_nv_opt (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS policy commands, not tested in other test cases\&. When possoble the commands are tested with a trial session and the policy digest is compared with the expected digest\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_DefineSpace()\fP (M)
.IP "\(bu" 2
Esys_PolicyAuthorizeNV() (F)
.IP "\(bu" 2
\fBEsys_PolicyNV()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_policy_nv_changeauth (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS commands PolicyAuthValue, PolicyCommandCode, Esys_PolicyGetDigest, and NV_ChangeAuth\&.
.PP
First in a trial session the policy value to ensure that the auth value is included in the policy session used for NV_ChangeAuth is computed\&. A NV ram space with this policy is defined afterwards\&. With a real policy session the auth value of this NV ram space will be changed\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_ChangeAuth()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_DefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_UndefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyAuthValue()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyCommandCode()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyGetDigest()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_policy_nv_undefine_special (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS command Esys_NV_UndefineSpaceSpecial, The NV space attributes TPMA_NV_PLATFORMCREATE and TPMA_NV_POLICY_DELETE have to be set\&.
.PP
A policy has to be defined for the command UndefineSpaceSpecial\&. The special handling whether the auth value is not used in the HMAC response verification will be checked\&.
.PP
\fBNote:\fP platform authorization needed\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_DefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_UndefineSpaceSpecial()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyAuthValue()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyCommandCode()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyGetDigest()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP
< Undefine will only possible with policy 
.SS "test_esys_policy_password (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS command PolicyPassword\&.
.PP
First in a trial session the policy value to ensure that auth value is included in the policy session used for authorization is computed\&. We start by creating a primary key (Esys_CreatePrimary) with this policy value and a certain authorization\&. Than a second key it created with a PoliyPassword policy session\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Create()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyGetDigest()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyPassword()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_policy_physical_presence_opt (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS policy commands, not tested in other test cases\&. When possoble the commands are tested with a trial session and the policy digest is compared with the expected digest\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_PolicyPhysicalPresence()\fP (O)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_policy_regression (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS policy commands, not tested in other test cases\&. When possoble the commands are tested with a trial session and the policy digest is compared with the expected digest\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_DefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_UndefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyCounterTimer()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyDuplicationSelect()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyGetDigest()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyNV()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyNameHash()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyNvWritten()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyOR()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyPCR()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyPhysicalPresence()\fP (O)
.IP "\(bu" 2
\fBEsys_PolicyRestart()\fP (M)
.IP "\(bu" 2
\fBEsys_SetPrimaryPolicy()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_policy_template_opt (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS policy commands, not tested in other test cases\&. When possoble the commands are tested with a trial session and the policy digest is compared with the expected digest\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
Esys_PolicyTemplate() (F)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_policy_ticket (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS policy commands related to signed authorization actions\&.
.PP
Esys_PolicySigned, Esys_PolicyTicket, and Esys_PolicySecret\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_HashSequenceStart()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicySecret()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicySigned()\fP (M)
.IP "\(bu" 2
\fBEsys_PolicyTicket()\fP (O)
.IP "\(bu" 2
\fBEsys_ReadPublic()\fP (M)
.IP "\(bu" 2
Esys_SequenceComplete() (M)
.IP "\(bu" 2
\fBEsys_SequenceUpdate()\fP (M)
.IP "\(bu" 2
\fBEsys_Sign()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_pp_commands (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS function Esys_PP_Commands\&.
.PP
If the test requires physical presence, the test is skipped\&.
.PP
\fBNote:\fP platform authorization needed\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_PP_Commands()\fP (O)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_quote (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the quote command with password authentication\&.
.PP
We create a RSA primary signing key which will be used for signing\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_Quote()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_rsa_encrypt_decrypt (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test RSA encryption / decryption\&. with password authentication\&. We create a RSA primary key (Esys_CreatePrimary) for every crypto action This key will be used for encryption/decryption in with the schemes: TPM2_ALG_NULL, TPM2_ALG_RSAES, and TPM2_ALG_OAEP
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_RSA_Decrypt()\fP (M)
.IP "\(bu" 2
\fBEsys_RSA_Encrypt()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_save_and_load_context (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test context save and load\&.
.PP
We start by creating a primary key (Esys_CreatePrimary)\&. Based in the primary a second key with an password define in the sensitive area will be created\&. This key will be loaded and saved with the ContextSave command\&. After the key is flushed the key will be loaded again with ContextLoad and will be used to create a third key
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_ContextLoad()\fP (M)
.IP "\(bu" 2
\fBEsys_ContextSave()\fP (M)
.IP "\(bu" 2
\fBEsys_Create()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_Load()\fP (M)
.PP
.PP
Used compiler defines: TEST_ECC
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_set_algorithm_set (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS function Esys_SetAlgorithmSet\&.
.PP
\fBNote:\fP platform authorization needed\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_SetAlgorithmSet()\fP (O)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_stir_random (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS function Esys_StirRandom\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_StirRandom()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_testparms (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS function Esys_TestParms\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_TestParms()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_tpm_tests (\fBESYS_CONTEXT\fP * esys_context)"
Test the ESYS functions for TPM tests\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_GetTestResult()\fP (M)
.IP "\(bu" 2
\fBEsys_IncrementalSelfTest()\fP (M)
.IP "\(bu" 2
\fBEsys_SelfTest()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_tr_fromTpmPublic_key (\fBESYS_CONTEXT\fP * ectx)"
This tests the Esys_TR_FromTPMPublic and Esys_TR_GetName functions by creating an NV Index and then attempting to retrieve an ESYS_TR object for it\&. Then we call Esys_TR_GetName to see if the correct public name has been retrieved\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_EvictControl()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_ReadPublic()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIectx\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_tr_fromTpmPublic_nv (\fBESYS_CONTEXT\fP * ectx)"
This tests the Esys_TR_FromTPMPublic and Esys_TR_GetName functions by creating an NV Index and then attempting to retrieve an ESYS_TR object for it\&. Then we call Esys_TR_GetName to see if the correct public name has been retrieved\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_NV_DefineSpace()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_ReadPublic()\fP (M)
.IP "\(bu" 2
\fBEsys_NV_UndefineSpace()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIectx\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_tr_getName_hierarchy (\fBESYS_CONTEXT\fP * ectx)"
This tests the Esys_TR_FromTPMPublic and Esys_TR_GetName functions by creating an NV Index and then attempting to retrieve an ESYS_TR object for it\&. Then we call Esys_TR_GetName to see if the correct public name has been retrieved\&.
.PP
Tested ESYS commands:
.PP
\fBParameters:\fP
.RS 4
\fIectx\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_unseal_password_auth (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the unseal operation for the ESYS command Unseal\&.
.PP
We start by creating a primary key (Esys_CreatePrimary)\&. Based on the primary key a second key with a password and the to be sealed data defined in the sensitive area will be created (Esys_Create)\&. This key will be loaded and the unseal command (Esys_Unseal) will be used to retrieve the sealed data\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_Create()\fP (M)
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_Load()\fP (M)
.IP "\(bu" 2
\fBEsys_Unseal()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_verify_signature (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test the ESYS signing and signature verification\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_ReadPublic()\fP (M)
.IP "\(bu" 2
\fBEsys_Sign()\fP (M)
.IP "\(bu" 2
\fBEsys_VerifySignature()\fP (M)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SS "test_esys_zgen_2phase (\fBESYS_CONTEXT\fP * esys_context)"
This test is intended to test Esys_ECDH_ZGen\&.
.PP
The test is based on an ECC key created with Esys_CreatePrimary and data produced by the command Esys_EC_Ephemeral\&.
.PP
Tested ESYS commands:
.IP "\(bu" 2
\fBEsys_CreatePrimary()\fP (M)
.IP "\(bu" 2
\fBEsys_ECDH_ZGen()\fP (M)
.IP "\(bu" 2
\fBEsys_EC_Ephemeral()\fP (F)
.IP "\(bu" 2
\fBEsys_FlushContext()\fP (M)
.IP "\(bu" 2
\fBEsys_StartAuthSession()\fP (M)
.IP "\(bu" 2
\fBEsys_ZGen_2Phase()\fP (O)
.PP
.PP
\fBParameters:\fP
.RS 4
\fIesys_context\fP The \fBESYS_CONTEXT\fP\&. 
.RE
.PP
\fBReturn values:\fP
.RS 4
\fIEXIT_FAILURE\fP 
.br
\fIEXIT_SKIP\fP 
.br
\fIEXIT_SUCCESS\fP 
.RE
.PP

.SH "Author"
.PP 
Generated automatically by Doxygen for tpm2-tss from the source code\&.