Setup TPM2-Plugin build environment

Add initial code to build the TPM2-plugin shared lib

Issue-ID: AAF-94
Change-Id: I96dee3699aa250b69350d6f01401f3831cf515f7
Signed-off-by: NingSun <ning.sun@intel.com>
diff --git a/TPM2-Plugin/lib/include/files.h b/TPM2-Plugin/lib/include/files.h
new file mode 100644
index 0000000..164e308
--- /dev/null
+++ b/TPM2-Plugin/lib/include/files.h
@@ -0,0 +1,366 @@
+//**********************************************************************;
+// Copyright (c) 2017, Intel Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// 3. Neither the name of Intel Corporation nor the names of its contributors
+// may be used to endorse or promote products derived from this software without
+// specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+// THE POSSIBILITY OF SUCH DAMAGE.
+//**********************************************************************;
+#ifndef FILES_H
+#define FILES_H
+
+#include <stdbool.h>
+#include <stdio.h>
+
+#include <sapi/tpm20.h>
+
+/**
+ * Reads a series of bytes from a file as a byte array. This is similar to files_read_bytes(),
+ * but opens and closes the FILE for the caller. Size is both an input and output value where
+ * the size value is the max buffer size on call and the returned size is how much was read.
+ *
+ * This interface could be cleaned up in a later revision.
+ * @param path
+ *  The path to the file to open.
+ * @param buf
+ *  The buffer to read the data into
+ * @param size
+ *  The max size of the buffer on call, and the size of the data read on return.
+ * @return
+ *  True on success, false otherwise.
+ */
+bool files_load_bytes_from_path(const char *path, UINT8 *buf, UINT16 *size);
+
+/**
+ * Loads data from a file path or stdin enforcing an upper bound on size.
+ * @param path
+ *  The path to load data from, NULL means stdin.
+ * @param size
+ *  The maximum size.
+ * @param buf
+ *  The buffer to write the data into.
+ * @return
+ *  True on success or false otherwise.
+ */
+bool files_load_bytes_from_file_or_stdin(const char *path, UINT16 *size, BYTE *buf);
+
+/**
+ * Similar to files_write_bytes(), in that it writes an array of bytes to disk,
+ * but this routine opens and closes the file on the callers behalf.
+ * @param path
+ *  The path to the file to write the data to.
+ * @param buf
+ *  The buffer of data to write
+ * @param size
+ *  The size of the data to write in bytes.
+ * @return
+ *  True on success, false otherwise.
+ */
+bool files_save_bytes_to_file(const char *path, UINT8 *buf, UINT16 size);
+
+/**
+ * Saves the TPM context for an object handle to disk by calling Tss2_Sys_ContextSave() and serializing the
+ * resulting TPMS_CONTEXT structure to disk.
+ * @param sapi_context
+ *  The system api context
+ * @param handle
+ *  The object handle for the object to save.
+ * @param path
+ *  The output path of the file.
+ *
+ * @return
+ *  True on success, False on error.
+ */
+bool files_save_tpm_context_to_path(TSS2_SYS_CONTEXT *sapi_context, TPM2_HANDLE handle, const char *path);
+
+/**
+ * Like files_save_tpm_context_to_path() but saves a tpm session to a FILE stream.
+ * @param sapi_context
+ *  The system api context
+ * @param handle
+ *  The object handle for the object to save.
+ * @param stream
+ *  The FILE stream to save too.
+ * @return
+ *  True on success, False on error.
+ */
+bool files_save_tpm_context_to_file(TSS2_SYS_CONTEXT *sapi_context, TPM2_HANDLE handle,
+        FILE *stream);
+
+/**
+ * Loads a TPM object context from disk.
+ * @param sapi_context
+ *  The system API context
+ * @param handle
+ *  The object handle that was saved.
+ * @param path
+ *  The path to the input file.
+ * @return
+ *  True on Success, false on error.
+ */
+bool files_load_tpm_context_from_path(TSS2_SYS_CONTEXT *sapi_context, TPM2_HANDLE *handle, const char *path);
+
+/**
+ * Like files_load_tpm_context_from_path() but loads the context from a FILE stream.
+ * @param sapi_context
+ *  The system API context
+ * @param handle
+ *  The object handle that was saved.
+ * @param stream
+ *  The FILE stream to read from.
+ * @return
+ *  True on success, False on error.
+ */
+bool files_load_tpm_context_from_file(TSS2_SYS_CONTEXT *sapi_context,
+        TPM2_HANDLE *handle, FILE *stream);
+
+/**
+ * Serializes a TPM2B_PUBLIC to the file path provided.
+ * @param public
+ *  The TPM2B_PUBLIC to save to disk.
+ * @param path
+ *  The path to save to.
+ * @return
+ *  true on success, false on error.
+ */
+bool files_save_public(TPM2B_PUBLIC *public, const char *path);
+
+/**
+ * Loads a TPM2B_PUBLIC from disk that was saved with files_save_pubkey()
+ * @param path
+ *  The path to load from.
+ * @param public
+ *  The TPM2B_PUBLIC to load.
+ * @return
+ *  true on success, false on error.
+ */
+bool files_load_public(const char *path, TPM2B_PUBLIC *public);
+
+/**
+ * Serializes a TPMT_SIGNATURE to the file path provided.
+ * @param signature
+ *  The TPMT_SIGNATURE to save to disk.
+ * @param path
+ *  The path to save to.
+ * @return
+ *  true on success, false on error.
+ */
+bool files_save_signature(TPMT_SIGNATURE *signature, const char *path);
+
+/**
+ * Loads a TPMT_SIGNATURE from disk that was saved with files_save_signature()
+ * @param path
+ *  The path to load from.
+ * @param signature
+ *  The TPMT_SIGNATURE to load.
+ * @return
+ *  true on success, false on error.
+ */
+bool files_load_signature(const char *path, TPMT_SIGNATURE *signature);
+
+/**
+ * Serializes a TPMT_TK_VERIFIED to the file path provided.
+ * @param signature
+ *  The TPMT_SIGNATURE to save to disk.
+ * @param path
+ *  The path to save to.
+ * @return
+ *  true on success, false on error.
+ */
+bool files_save_ticket(TPMT_TK_VERIFIED *ticket, const char *path);
+
+/**
+ * Loads a TPMT_TK_VERIFIED from disk that was saved with files_save_ticket()
+ * @param path
+ *  The path to load from.
+ * @param signature
+ *  The TPMT_TK_VERIFIED to load.
+ * @return
+ *  true on success, false on error.
+ */
+bool files_load_ticket(const char *path, TPMT_TK_VERIFIED *ticket);
+
+/**
+ * Loads a TPM2B_SENSITIVE from disk.
+ * @param path
+ *  The path to load from.
+ * @param signature
+ *  The TPM2B_SENSITIVE to load.
+ * @return
+ *  true on success, false on error.
+ */
+bool files_load_sensitive(const char *path, TPM2B_SENSITIVE *sensitive);
+
+/**
+ * Serializes a TPMT_TK_HASHCHECK to the file path provided.
+ * @param validation
+ *  The TPMT_TK_HASHCHECK to save to disk.
+ * @param path
+ *  The path to save to.
+ * @return
+ *  true on success, false on error.
+ */
+bool files_save_validation(TPMT_TK_HASHCHECK *validation, const char *path);
+
+/**
+ * Loads a TPMT_TK_HASHCHECK from disk.
+ * @param path
+ *  The path to load from.
+ * @param validation
+ *  The TPMT_TK_HASHCHECK to load.
+ * @return
+ *  true on success, false on error.
+ */
+bool files_load_validation(const char *path, TPMT_TK_HASHCHECK *validation);
+
+/**
+ * Checks a file for existence.
+ * @param path
+ *  The file to check for existence.
+ * @return
+ * true if a file exists with read permissions, false if it doesn't exist or an error occurs.
+ *
+ */
+bool files_does_file_exist(const char *path);
+
+/**
+ * Retrieves a files size given a file path.
+ * @param path
+ *  The path of the file to retreive the size of.
+ * @param file_size
+ *  A pointer to an unsigned long to return the file size. The
+ *  pointed to value is valid only on a true return.
+ *
+ * @return
+ *  True for success or False for error.
+ */
+bool files_get_file_size_path(const char *path, unsigned long *file_size);
+
+/**
+ * Similar to files_get_file_size_path(), but uses an already opened FILE object.
+ * @param fp
+ *  The file pointer to query the size of.
+ * @param file_size
+ *  Output of the file size.
+ * @param path
+ *  An optional path used for error reporting, a NULL path disables error logging.
+ * @return
+ *  True on success, False otherwise.
+ */
+bool files_get_file_size(FILE *fp, unsigned long *file_size, const char *path);
+
+/**
+ * Writes a TPM2.0 header to a file.
+ * @param f
+ *  The file to write to.
+ * @param version
+ *  The version number of the format of the file.
+ * @return
+ *  True on success, false on error.
+ */
+bool files_write_header(FILE *f, UINT32 version);
+
+/**
+ * Reads a TPM2.0 header from a file.
+ * @param f
+ *  The file to read.
+ * @param version
+ *  The version that was found.
+ * @return
+ *  True on Success, False on error.
+ */
+bool files_read_header(FILE *f, UINT32 *version);
+
+/**
+ * Writes a 16 bit value to the file in big endian, converting
+ * if needed.
+ * @param out
+ *  The file to write.
+ * @param data
+ *  The 16 bit value to write.
+ * @return
+ *  True on success, False on error.
+ */
+bool files_write_16(FILE *out, UINT16 data);
+
+/**
+ * Same as files_write_16 but for 32 bit values.
+ */
+bool files_write_32(FILE *out, UINT32 data);
+
+/**
+ * Same as files_write_16 but for 64 bit values.
+ */
+bool files_write_64(FILE *out, UINT64 data);
+
+/**
+ * Writes a byte array out to a file.
+ * @param out
+ *  The file to write to.
+ * @param data
+ *  The data to write.
+ * @param size
+ *  The size of the data to write in bytes.
+ * @return
+ *  True on success, False otherwise.
+ */
+bool files_write_bytes(FILE *out, UINT8 data[], size_t size);
+
+/**
+ * Reads a 16 bit value from a file converting from big endian to host
+ * endianess.
+ * @param out
+ *  The file to read from.
+ * @param data
+ *  The data that is read, valid on a true return.
+ * @return
+ *  True on success, False on error.
+ */
+bool files_read_16(FILE *out, UINT16 *data);
+
+/**
+ * Same as files_read_16 but for 32 bit values.
+ */
+bool files_read_32(FILE *out, UINT32 *data);
+
+/**
+ * Same as files_read_16 but for 64 bit values.
+ */
+bool files_read_64(FILE *out, UINT64 *data);
+
+/**
+ * Reads len bytes from a file.
+ * @param out
+ *  The file to read from.
+ * @param data
+ *  The buffer to read into, only valid on a True return.
+ * @param size
+ *  The number of bytes to read.
+ * @return
+ *  True on success, False otherwise.
+ */
+bool files_read_bytes(FILE *out, UINT8 data[], size_t size);
+
+#endif /* FILES_H */
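Review bot: Several doc comments in this header do not match the declarations they sit on. `files_save_ticket`, `files_load_ticket` and `files_load_sensitive` document `@param signature` while the parameters are `ticket` and `sensitive`, the `files_save_ticket` text calls the value a TPMT_SIGNATURE, and `files_load_public` refers to `files_save_pubkey()`, which this header does not declare (the saver here is `files_save_public`). The read helpers `files_read_16`, `files_read_32`, `files_read_64` and `files_read_bytes` also name their input stream `out`. Because `files_load_sensitive` reads a TPM2B_SENSITIVE from disk, its comment should say who clears the structure after use and what file permissions are expected, e.g. `@param sensitive The TPM2B_SENSITIVE to fill; the caller must zeroize it after use.` The implementations are not in this hunk, so whether the loaders check on-disk sizes against the destination structure cannot be confirmed here and is worth stating in the contract.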
diff --git a/TPM2-Plugin/lib/include/log.h b/TPM2-Plugin/lib/include/log.h
new file mode 100644
index 0000000..c4ae0bd
--- /dev/null
+++ b/TPM2-Plugin/lib/include/log.h
@@ -0,0 +1,107 @@
+//**********************************************************************;
+// Copyright (c) 2017, Intel Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// 3. Neither the name of Intel Corporation nor the names of its contributors
+// may be used to endorse or promote products derived from this software without
+// specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+// THE POSSIBILITY OF SUCH DAMAGE.
+//**********************************************************************;
+#ifndef SRC_LOG_H_
+#define SRC_LOG_H_
+
+#include <stdbool.h>
+#include <stdio.h>
+
+#include <sapi/tpm20.h>
+
+#include "tpm2_error.h"
+#include "tpm2_util.h"
+
+typedef enum log_level log_level;
+enum log_level {
+    log_level_error,
+    log_level_warning,
+    log_level_verbose
+};
+
+void _log (log_level level, const char *file, unsigned lineno, const char *fmt, ...)
+    COMPILER_ATTR(format (printf, 4, 5));
+
+/*
+ * Prints an error message. The fmt and variadic arguments mirror printf.
+ *
+ * Use this to log all error conditions.
+ */
+#define LOG_ERR(fmt, ...) _log(log_level_error, __FILE__, __LINE__, fmt, ##__VA_ARGS__)
+
+/**
+ * Prints an error message for a TSS2_Sys call to the TPM.
+ * The format is <function-name>(0x<rc>) - <error string>
+ * @param func
+ *  The function that caused the error
+ * @param rc
+ *  The return code to print.
+ */
+#define LOG_PERR(func, rc) _LOG_PERR(xstr(func), rc)
+
+/**
+ * Internal use only.
+ *
+ * Handles the expanded LOG_PERR call checking argument values
+ * and handing them off to LOG_ERR.
+ * @param func
+ *  The function name.
+ * @param rc
+ *  The rc to decode.
+ */
+static inline void _LOG_PERR(const char *func, TSS2_RC rc) {
+
+    LOG_ERR("%s(0x%X) - %s", func, rc, tpm2_error_str(rc));
+}
+
+/*
+ * Prints an warning message. The fmt and variadic arguments mirror printf.
+ *
+ * Use this to log a warning. A warning is when something is wrong, but it is not a fatal
+ * issue.
+ */
+#define LOG_WARN(fmt, ...) _log(log_level_warning, __FILE__, __LINE__, fmt, ##__VA_ARGS__)
+
+/*
+ * Prints an informational message. The fmt and variadic arguments mirror printf.
+ *
+ * Informational messages are only shown when verboseness is increased. Valid messages
+ * would be debugging type messages where additional, extraneous information is printed.
+ */
+#define LOG_INFO(fmt, ...) _log(log_level_verbose, __FILE__, __LINE__, fmt, ##__VA_ARGS__)
+
+/**
+ * Sets the log level so only messages <= to it print.
+ * @param level
+ *  The logging level to set.
+ */
+void log_set_level (log_level level);
+
+#endif /* SRC_LOG_H_ */
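Review bot: `_log` and `_LOG_PERR` use identifiers reserved for the implementation (a leading underscore at file scope, and an underscore followed by an uppercase letter in any scope), so they can collide with libc or compiler names. Names such as `log_write` and `log_perr_impl` would avoid that. The printf format checking on `_log` depends on `COMPILER_ATTR`, which is not defined in this header (presumably it comes from tpm2_util.h); if it expands to nothing on some toolchain, a mismatched or non-literal `fmt` passed to `LOG_ERR`, `LOG_WARN` or `LOG_INFO` is no longer diagnosed. A comment on the macros such as `/* fmt must be a string literal; never pass externally supplied text as fmt */` would make that contract explicit.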
diff --git a/TPM2-Plugin/lib/include/plugin_api.h b/TPM2-Plugin/lib/include/plugin_api.h
new file mode 100644
index 0000000..5f4b924
--- /dev/null
+++ b/TPM2-Plugin/lib/include/plugin_api.h
@@ -0,0 +1,48 @@
+//**********************************************************************;
+// Copyright (c) 2017, Intel Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// 3. Neither the name of Intel Corporation nor the names of its contributors
+// may be used to endorse or promote products derived from this software without
+// specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+// THE POSSIBILITY OF SUCH DAMAGE.
+//**********************************************************************;
+
+#ifndef __PLUGIN_API_H__
+#define __PLUGIN_API_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int plugin_configure(char *configPath);
+
+void plugin_assign_hw_instance();
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
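Review bot: `void plugin_assign_hw_instance();` is not a prototype in C: empty parentheses leave the argument list unchecked, so a C caller can pass arguments without a diagnostic. Declare it as `void plugin_assign_hw_instance(void);`. `plugin_configure` has no comment describing its return values or whether `configPath` is modified; if the string is only read, `int plugin_configure(const char *configPath);` documents that. The guard `__PLUGIN_API_H__` uses a reserved identifier (double underscore); `PLUGIN_API_H` would match the style of `FILES_H` in this commit.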
diff --git a/TPM2-Plugin/lib/include/plugin_register.h b/TPM2-Plugin/lib/include/plugin_register.h
new file mode 100644
index 0000000..a154a24
--- /dev/null
+++ b/TPM2-Plugin/lib/include/plugin_register.h
@@ -0,0 +1,196 @@
+//**********************************************************************;
+// Copyright (c) 2017, Intel Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// 3. Neither the name of Intel Corporation nor the names of its contributors
+// may be used to endorse or promote products derived from this software without
+// specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+// THE POSSIBILITY OF SUCH DAMAGE.
+//**********************************************************************;
+
+#ifndef __PLUGIN_REGISTER_H__
+#define __PLUGIN_REGISTER_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Callback function definitions
+ */
+
+typedef int (*fp_crypto_rsa_decrypt_init) (
+    /* IN */
+    unsigned long mechanism,    /* PKCS#11 Mechanism */
+    void *param,                /* PKCS#11 Paramter */
+    unsigned long param_len,    /* PKCS#11 Parameter len */
+    /* OUT */
+    void *cb                   /* Address of pointer to store context block */ 
+    );
+
+typedef int (*fp_crypto_rsa_decrypt) (
+    /* IN */
+    void* cb,                /* Pointer Crypto Block which is created during decrypt_init */
+    unsigned char* cipher,   /* Input Cipher data */
+    int cipher_length,       /* Ciphet data length */
+    /* OUT */
+    unsigned char* out_data, /* Decrypted output data */
+    int* out_data_len        /* output length */
+    );
+
+typedef int (*fp_crypto_rsa_sign_init) (
+    /* IN */
+    unsigned long mechanism,    /* PKCS#11 Mechanism */
+    void *param,                /* PKCS#11 Paramter */
+    unsigned long param_len,    /* PKCS#11 Parameter len */
+    /* OUT */
+    void *cb                   /* Address of pointer to store context block */ 
+    );
+
+typedef int (*fp_crypto_rsa_sign_update) (
+    /* IN */
+    void *cb,                   /* Previously created context block (during sign_init) passed */
+    void *pPart,                /* pPart */
+    unsigned long ulPartLen     /* ulPartLen */
+    );
+
+typedef int (*fp_crypto_rsa_sign_final) (
+    /* IN */
+    void *cb,                   /* Previously passed context block */
+    /* OUT */
+    unsigned char *sig,         /* Output Signature buffer */
+    int *sigLen                 /* Pointer to hold signature buffer length */
+    );
+
+typedef int (*fp_crypto_rsa_sign) (
+    /* IN */
+    void *cb,                   /* Previously created context block (during sign_init) passed */
+    unsigned char* msg,         /* Data to be signed */
+    int msg_len,                /* Input data length */
+    /* OUT */
+    unsigned char *sig,         /* Output Signature buffer */
+    int *sig_len                /* Pointer to hold signature buffer length */
+    );
+
+typedef int (*fp_crypto_ecdsa_sign) (
+    /* IN */
+    void *cb,                   /* Previously created context block (during sign_init) passed */
+    unsigned char* data,        /* Data to be signed */
+    int data_len,               /* Input data length */
+    /* OUT */
+    unsigned char *sig,         /* Output Signature buffer */
+    int *sig_len                /* Pointer to hold signature buffer length */
+    );
+
+typedef int (*fp_crypto_ecdsa_verify) (
+    /* IN */
+    unsigned long appHandle,    /* Application handle needed for QAT KPT mode */
+    //DhsmWPKECDSAFormat *wpk,    /* Wrapped Private Key strcuture for ECDSA */
+    void *wpk,    /* Wrapped Private Key strcuture for ECDSA */
+    unsigned char* swk,         /* Symmetric Wrapping Key (SWK) value */
+    int swk_len,                /* SWK length */
+    unsigned char* iv,          /* IV value used during Application Key encryption */
+    int iv_len,                 /* IV length */
+    int tag_len,                /* AES-GCM tag length */
+    unsigned char* data,        /* Data which is used for signing */
+    int data_len,               /* Input data length */
+    unsigned char *sig,         /* Signature value */ 
+    int sig_len,                /* Signature length */
+    /* OUT */
+    int* verifyResult           /* Pointer to hold the verification result */
+    );
+
+typedef int (*fp_crypto_del_apphandle) (unsigned long skmKeyHandle);
+
+// SWK related operations
+typedef int (*fp_crypto_swk_getParentKey) (unsigned char** tlvbuffer, int* buflen);
+typedef int (*fp_crypto_swk_import) (
+    unsigned long appHandle, 
+    unsigned char* tlvbuffer, 
+    int buflen, 
+    unsigned char* iv, 
+    int iv_len, 
+    unsigned char* tpm_pwd, 
+    int tpm_pwd_len);
+
+typedef int (*fp_crypto_rsa_create_object) (
+    unsigned long appHandle,    /* Application handle needed for QAT KPT mode */
+    //DhsmWPKRSAFormat *wpk,      /* Wrapped Private Key structure for RSA */
+    void *wpk,      /* Wrapped Private Key structure for RSA */
+    unsigned char* swk,         /* Symmetric Wrapping Key (SWK) value */
+    int swk_len,                /* SWK length */
+    unsigned char* iv,          /* IV value used during Application Key encryption */
+    int iv_len,                 /* IV length */
+    int tag_len,                /* AES-GCM tag length */
+    void **cb_object            /* Pointer to store context block */
+    );
+
+typedef int (*fp_crypto_rsa_delete_object) (
+    void *cb_object             /* Pointer Crypto Block which is created during decrypt_create_object */
+    );
+
+typedef int (*fp_crypto_ecdsa_create_object) (
+    unsigned long appHandle,    /* Application handle needed for QAT KPT mode */
+    //DhsmWPKECDSAFormat *wpk,    /* Wrapped Private Key structure for RSA */
+    void *wpk,    /* Wrapped Private Key structure for RSA */
+    unsigned char* swk,         /* Symmetric Wrapping Key (SWK) value */
+    int swk_len,                /* SWK length */
+    unsigned char* iv,          /* IV value used during Application Key encryption */
+    int iv_len,                 /* IV length */
+    int tag_len,                /* AES-GCM tag length */
+    void **cb_object            /* Pointer to store context block */
+    );
+
+typedef int (*fp_crypto_ecdsa_delete_object) (
+    void *cb_object             /* Pointer Crypto Block which is created during decrypt_create_object */
+    );
+
+
+typedef struct 
+{
+    fp_crypto_rsa_decrypt_init     cb_crypto_rsa_decrypt_init;
+    fp_crypto_rsa_decrypt          cb_crypto_rsa_decrypt;	
+    fp_crypto_rsa_sign_init	   cb_crypto_rsa_sign_init;
+    fp_crypto_rsa_sign_update 	   cb_crypto_rsa_sign_update;
+    fp_crypto_rsa_sign_final	   cb_crypto_rsa_sign_final;
+    fp_crypto_rsa_sign		   cb_crypto_rsa_sign;
+    fp_crypto_ecdsa_sign	   cb_crypto_ecdsa_sign;
+    fp_crypto_ecdsa_verify	   cb_crypto_ecdsa_verify;
+    fp_crypto_del_apphandle	   cb_crypto_del_apphandle;
+    fp_crypto_swk_getParentKey 	   cb_crypto_swk_getParentKey;
+    fp_crypto_swk_import 	   cb_crypto_swk_import;
+    fp_crypto_rsa_create_object    cb_crypto_rsa_create_object;
+    fp_crypto_rsa_delete_object    cb_crypto_rsa_delete_object;
+    fp_crypto_ecdsa_create_object  cb_crypto_ecdsa_create_object;
+    fp_crypto_ecdsa_delete_object  cb_crypto_ecdsa_delete_object;
+
+} plugin_register;
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
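Review bot: The callbacks that write into caller buffers (`fp_crypto_rsa_decrypt`, `fp_crypto_rsa_sign_final`, `fp_crypto_rsa_sign`, `fp_crypto_ecdsa_sign`) list `out_data_len`, `sigLen` and `sig_len` only under `/* OUT */`, so nothing in the contract tells the plugin how large `out_data` or `sig` is. Unless the capacity is fixed by a convention not visible here, document the length as in/out, e.g. `int *sig_len /* IN: capacity of sig in bytes; OUT: bytes written */`, and have implementations reject a capacity that is too small. The lengths are signed `int`, so negative values also need to be rejected. In `fp_crypto_rsa_decrypt_init` and `fp_crypto_rsa_sign_init` the `cb` parameter is commented as "Address of pointer to store context block" but is typed `void *`, whereas the create_object callbacks use `void **cb_object`. The `wpk` comment on `fp_crypto_ecdsa_create_object` says RSA, which looks like a copy of the RSA typedef.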
diff --git a/TPM2-Plugin/lib/include/tcti_util.h b/TPM2-Plugin/lib/include/tcti_util.h
new file mode 100644
index 0000000..1b3b289
--- /dev/null
+++ b/TPM2-Plugin/lib/include/tcti_util.h
@@ -0,0 +1,109 @@
+//**********************************************************************;
+// Copyright (c) 2017, Intel Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+// THE POSSIBILITY OF SUCH DAMAGE.
+//**********************************************************************;
+
+//
+// The context for TCTI implementations is on opaque
+// structure. There shall never be a definition of its content.
+// Implementation provide the size information to
+// applications via the initialize call.
+// This makes use of a compiler trick that allows type
+// checking of the pointer even though the type isn't
+// defined.
+//
+// The first field of a Context must be the common part
+// (see below).
+#ifndef TSS2_TCTI_UTIL_H
+#define TSS2_TCTI_UTIL_H
+
+#if defined linux || defined unix
+#include <sys/socket.h>
+#define SOCKET int
+#endif
+
+#include <tcti/common.h>
+
+#define TCTI_MAGIC   0x7e18e9defa8bc9e2
+#define TCTI_VERSION 0x1
+
+#define TCTI_LOG_CALLBACK(ctx) ((TSS2_TCTI_CONTEXT_INTEL*)ctx)->logCallback
+#define TCTI_LOG_DATA(ctx)     ((TSS2_TCTI_CONTEXT_INTEL*)ctx)->logData
+#define TCTI_LOG_BUFFER_CALLBACK(ctx) ((TSS2_TCTI_CONTEXT_INTEL*)ctx)->logBufferCallback
+
+typedef TSS2_RC (*TCTI_TRANSMIT_PTR)( TSS2_TCTI_CONTEXT *tctiContext, size_t size, uint8_t *command);
+typedef TSS2_RC (*TCTI_RECEIVE_PTR) (TSS2_TCTI_CONTEXT *tctiContext, size_t *size, uint8_t *response, int32_t timeout);
+
+enum tctiStates { TCTI_STAGE_INITIALIZE, TCTI_STAGE_SEND_COMMAND, TCTI_STAGE_RECEIVE_RESPONSE };
+
+/* current Intel version */
+typedef struct {
+    uint64_t magic;
+    uint32_t version;
+    TCTI_TRANSMIT_PTR transmit;
+    TCTI_RECEIVE_PTR receive;
+    TSS2_RC (*finalize) (TSS2_TCTI_CONTEXT *tctiContext);
+    TSS2_RC (*cancel) (TSS2_TCTI_CONTEXT *tctiContext);
+    TSS2_RC (*getPollHandles) (TSS2_TCTI_CONTEXT *tctiContext,
+              TSS2_TCTI_POLL_HANDLE *handles, size_t *num_handles);
+    TSS2_RC (*setLocality) (TSS2_TCTI_CONTEXT *tctiContext, uint8_t locality);
+    struct {
+        UINT32 debugMsgEnabled: 1;
+        UINT32 locality: 8;
+        UINT32 commandSent: 1;
+        UINT32 rmDebugPrefix: 1;  // Used to add a prefix to RM debug messages.  This is ONLY used
+                                  // for TPM commands and responses as a way to differentiate
+                                  // RM generated TPM commands from application generated ones.
+
+        // Following two fields used to save partial response status in case receive buffer's too small.
+        UINT32 tagReceived: 1;
+        UINT32 responseSizeReceived: 1;
+        UINT32 protocolResponseSizeReceived: 1;
+    } status;
+
+    // Following two fields used to save partial response in case receive buffer's too small.
+    TPM_ST tag;
+    TPM_RC responseSize;
+
+    TSS2_TCTI_CONTEXT *currentTctiContext;
+
+    // Sockets if socket interface is being used.
+    SOCKET otherSock;
+    SOCKET tpmSock;
+    SOCKET currentConnectSock;
+
+    // File descriptor for device file if real TPM is being used.
+    int devFile;
+    UINT8 previousStage;            // Used to check for sequencing errors.
+    unsigned char responseBuffer[4096];
+    TCTI_LOG_CALLBACK logCallback;
+    TCTI_LOG_BUFFER_CALLBACK logBufferCallback;
+    void *logData;
+} TSS2_TCTI_CONTEXT_INTEL;
+
+#define TCTI_CONTEXT ( (TSS2_TCTI_CONTEXT_COMMON_CURRENT *)(SYS_CONTEXT->tctiContext) )
+#define TCTI_CONTEXT_INTEL ( (TSS2_TCTI_CONTEXT_INTEL *)tctiContext )
+
+#endif
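Review bot: The accessor macros cast their argument without parenthesizing it or the whole expansion, as in `((TSS2_TCTI_CONTEXT_INTEL*)ctx)->logCallback`, so an argument like `p + 1` is cast before the addition. Write `#define TCTI_LOG_CALLBACK(ctx) (((TSS2_TCTI_CONTEXT_INTEL *)(ctx))->logCallback)` and likewise for `TCTI_LOG_DATA` and `TCTI_LOG_BUFFER_CALLBACK`. These macros and `TCTI_CONTEXT_INTEL` reinterpret an opaque context as the Intel layout; the header defines `TCTI_MAGIC` and `TCTI_VERSION`, and a comment should state that callers must check `magic` and `version` before relying on the cast. `SOCKET` is defined only under `#if defined linux || defined unix`; GCC does not define those unprefixed macros in strict ISO modes such as `-std=c11`, so `__linux__`/`__unix__` is the safer test unless `tcti/common.h` supplies `SOCKET`. The comment above `tagReceived` says "two fields" but three bit-fields follow.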
diff --git a/TPM2-Plugin/lib/include/tpm2_alg_util.h b/TPM2-Plugin/lib/include/tpm2_alg_util.h
new file mode 100644
index 0000000..ce4083c
--- /dev/null
+++ b/TPM2-Plugin/lib/include/tpm2_alg_util.h
@@ -0,0 +1,196 @@
+//**********************************************************************;
+// Copyright (c) 2017, Intel Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// 3. Neither the name of Intel Corporation nor the names of its contributors
+// may be used to endorse or promote products derived from this software without
+// specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+// THE POSSIBILITY OF SUCH DAMAGE.
+//**********************************************************************;
+#ifndef LIB_TPM2_ALG_UTIL_H_
+#define LIB_TPM2_ALG_UTIL_H_
+
+#include <stdbool.h>
+
+#include <sapi/tpm20.h>
+
+/**
+ * Iterator callback routine for iterating over known algorithm name and value
+ * pairs.
+ * @param id
+ *  The algorithm id.
+ * @param name
+ *  The associated "nice-name".
+ * @param userdata
+ *  A user supplied data pointer.
+ * @return
+ *  True to stop iterating, false to keep iterating.
+ */
+typedef bool (*tpm2_alg_util_alg_iteraror)(TPM2_ALG_ID id, const char *name, void *userdata);
+
+/**
+ * Iterate over the algorithm name-value pairs calling the iterator callback for each pair.
+ * @param iterator
+ *  The iterator callback function.
+ * @param userdata
+ *  A pointer to user supplied data, this is passed to the iterator for each call.
+ */
+void tpm2_alg_util_for_each_alg(tpm2_alg_util_alg_iteraror iterator, void *userdata);
+
+/**
+ * Convert a "nice-name" string to an algorithm id.
+ * @param name
+ *  The "nice-name" to convert.
+ * @return
+ *  TPM2_ALG_ERROR on error, or a valid algorithm identifier.
+ */
+TPM2_ALG_ID tpm2_alg_util_strtoalg(const char *name);
+
+/**
+ * Convert an id to a nice-name.
+ * @param id
+ *  The id to convert.
+ * @return
+ *  The nice-name.
+ */
+const char *tpm2_alg_util_algtostr(TPM2_ALG_ID id);
+
+/**
+ * Converts either a string from algrotithm number or algorithm nice-name to
+ * an algorithm id.
+ * @param optarg
+ *  The string to convert from an algorithm number or nice name.
+ * @return
+ *  TPM2_ALG_ERROR on error or the algorithm id.
+ */
+TPM2_ALG_ID tpm2_alg_util_from_optarg(char *optarg);
+
+/**
+ * Detects if an algorithm is considered a hashing algorithm.
+ * @param id
+ *  The algorithm id to check.
+ * @return
+ *  True if it is a hash algorithm, False otherwise.
+ */
+bool tpm2_alg_util_is_hash_alg(TPM2_ALG_ID id);
+
+/**
+ * Contains the information from parsing an argv style vector of strings for
+ * pcr digest language specifications.
+ */
+typedef struct tpm2_pcr_digest_spec tpm2_pcr_digest_spec;
+struct tpm2_pcr_digest_spec {
+    TPML_DIGEST_VALUES digests;
+    TPMI_DH_PCR pcr_index;
+};
+
+/**
+ * Parses an argv array that contains a digest specification at each location
+ * within argv.
+ *
+ * The digest specification is as follows:
+ *   - A pcr identifier as understood by strtoul with 0 as the base.
+ *   - A colon followed by the algorithm hash specification.
+ *   - The algorithm hash specification is as follows:
+ *       - The algorithm friendly name or raw numerical as understood by
+ *         strtoul with a base of 0.
+ *       - An equals sign
+ *       - The hex hash value,
+ *
+ *   This all distills to a string that looks like this:
+ *   <pcr index>:<hash alg id>=<hash value>
+ *
+ *   Example:
+ *   "4:sha=f1d2d2f924e986ac86fdf7b36c94bcdf32beec15"
+ *
+ *   Note:
+ *   Multiple specifications of PCR and hash are OK. Multiple hashes
+ *   cause the pcr to be extended with both hashes. Multiple same PCR
+ *   values cause the PCR to be extended multiple times. Extension
+ *   is done in order from left to right as specified.
+ *
+ *   At most 5 hash extensions per PCR entry are supported. This
+ *   is to keep the parser simple.
+ *
+ * @param sapi_context
+ *  The system API context for hashing files with the tpm. This can
+ *  be NULL if the argument vector doesn't have a file spec for the hash.
+ * @param argv
+ *  The argv of digest specifications to parse.
+ * @param len
+ *  The number of digest specifications to parse.
+ * @param digests
+ *  An array of tpm2_pcr_digest_spec big enough to hold len items.
+ * @return
+ *  True if parsing was successful, False otherwise.
+ *  @note
+ *  This function logs errors via LOG_ERR.
+ */
+bool pcr_parse_digest_list(char **argv, int len,
+        tpm2_pcr_digest_spec *digest_spec);
+
+/**
+ * Retrieves the size of a hash in bytes for a given hash
+ * algorithm or 0 if unknown/not found.
+ * @param id
+ *  The HASH algorithm identifier.
+ * @return
+ *  0 on failure or the size of the hash bytes.
+ */
+UINT16 tpm2_alg_util_get_hash_size(TPMI_ALG_HASH id);
+
+/**
+ * Extracts the plain signature data without any headers
+ *
+ * Communicates errors via LOG_ERR.
+ *
+ * @param size
+ *  Will receive the number of bytes stored in buffer.
+ * @signature The actual signature struct to extract the plain signature from.
+ * @return
+ *  Returns a buffer filled with the extracted signature or NULL on error.
+ *  Needs to be free()'d by the caller.
+ */
+UINT8* tpm2_extract_plain_signature(UINT16 *size, TPMT_SIGNATURE *signature);
+
+/**
+ * Retrieves an approproate signature scheme (scheme) signable by
+ * specified key (keyHandle) and hash algorithm (halg).
+ * @param sapi_context
+ *  System API context for tpm
+ * @param keyHandle
+ *  Handle to key used in signing operation
+ * @param halg
+ *  Hash algoritm for message
+ * @param scheme
+ *  Signature scheme output
+ * @return
+ *  True if successful
+ *  False otherwise, and scheme is left unmodified
+ */
+bool get_signature_scheme(TSS2_SYS_CONTEXT *sapi_context,
+        TPMI_DH_OBJECT keyHandle, TPMI_ALG_HASH halg,
+        TPMT_SIG_SCHEME *scheme);
+
+#endif /* LIB_TPM2_ALG_UTIL_H_ */
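Review bot: The doc comment above `pcr_parse_digest_list` describes parameters the prototype does not have: it lists `@param sapi_context` and `@param digests`, while the declaration takes `argv`, `len` and `digest_spec`. Callers size the output array from this comment, so the `sapi_context` entry should go and the last entry should read `@param digest_spec` with `An array of tpm2_pcr_digest_spec with room for len entries.` `len` is a signed `int` that presumably bounds the writes into that array (the implementation is not in this hunk), so `size_t len`, or a documented rejection of negative values, would make the contract explicit. Smaller points: `@signature` on `tpm2_extract_plain_signature` should be `@param signature`, and the typedef name `tpm2_alg_util_alg_iteraror` looks like a typo for `iterator`.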
diff --git a/TPM2-Plugin/lib/include/tpm2_attr_util.h b/TPM2-Plugin/lib/include/tpm2_attr_util.h
new file mode 100644
index 0000000..2487982
--- /dev/null
+++ b/TPM2-Plugin/lib/include/tpm2_attr_util.h
@@ -0,0 +1,98 @@
+//**********************************************************************;
+// Copyright (c) 2017, Intel Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// 3. Neither the name of Intel Corporation nor the names of its contributors
+// may be used to endorse or promote products derived from this software without
+// specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+// THE POSSIBILITY OF SUCH DAMAGE.
+//**********************************************************************;
+#ifndef LIB_TPM2_ATTR_UTIL_H_
+#define LIB_TPM2_ATTR_UTIL_H_
+
+#include <stdbool.h>
+
+#include <sapi/tpm20.h>
+
+/**
+ * Converts a list of | (pipe) separated attributes as defined in tavle 204
+ * of https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-01.38.pdf
+ * to an actual bit field representation. The trailing TPMA_NV_ can be omitted and must be lower-case.
+ * For exmaple, TPMA_NV_PPWRITE, bcomes ppwrite. To append them together, just do the pipe inbetwwen.
+ * ppwrite|ownerwrite.
+ *
+ * @param attribute_list
+ *  The attribute string to parse, which may be modified in place.
+ * @param nvattrs
+ *  The TPMA_NV attributes set based on the attribute list. Only valid on true returns.
+ * @return
+ *  true on success, false on error.
+ */
+bool tpm2_attr_util_nv_strtoattr(char *attribute_list, TPMA_NV *nvattrs);
+
+/**
+ * Like tpm2_attr_util_nv_strtoattr() but converts TPMA_OBJECT attributes as defined in:
+ * Table 31 of https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-01.38.pdf
+ * @param attribute_list
+ *   The attribute string to parse, which may be modified in place.
+ *  The TPMA_OBJECT attributes set based on the attribute list. Only valid on true returns.
+ * @return
+ *  true on success, false on error.
+ */
+bool tpm2_attr_util_obj_strtoattr(char *attribute_list, TPMA_OBJECT *objattrs);
+
+/**
+ * Converts a numerical or friendly string described object attribute into the
+ * TPMA_OBJECT. Similar to tpm2_alg_util_from_optarg().
+ * @param argvalue
+ *  Either a raw numeric for a UINT32 or a friendly name object attribute list
+ *  as in tpm2_attr_util_nv_strtoattr().
+ * @param objattrs
+ *  The converted bits for a TPMA_OBJECT
+ * @return
+ *  true on success or false on error.
+ */
+bool tpm2_attr_util_obj_from_optarg(char *argvalue, TPMA_OBJECT *objattrs);
+
+/**
+ * Converts a TPMA_NV structure to a friendly name style string.
+ * @param nvattrs
+ *  The nvattrs to convert to nice name.
+ * @return A string allocated with calloc(), callers shall use
+ * free() to free it. The string is a null terminated text representation
+ * of the TPMA_NV attributes.
+ */
+char *tpm2_attr_util_nv_attrtostr(TPMA_NV nvattrs);
+
+/**
+ * Like tpm2_nv_util_obj_strtoattr() but converts TPMA_OBJECT attributes as defined in:
+ * Table 31 of https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-01.38.pdf
+ * @param objattrs
+ *  The object parameters to convert to a name
+ * @return
+ *  The name of the object attrs as a string that must be freed via free().
+ */
+char *tpm2_attr_util_obj_attrtostr(TPMA_OBJECT objattrs);
+
+#endif /* LIB_TPM2_ATTR_UTIL_H_ */
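Review bot: The comment on `tpm2_attr_util_obj_strtoattr` is missing its `@param objattrs` tag, so the line "The TPMA_OBJECT attributes set based on the attribute list" reads as part of the `attribute_list` description; add ` * @param objattrs` above it. The comment on `tpm2_attr_util_obj_attrtostr` refers to `tpm2_nv_util_obj_strtoattr()`, which this header does not declare; `tpm2_attr_util_obj_strtoattr()` is probably meant. In the first comment "The trailing TPMA_NV_" describes a prefix and should say "leading". Both parsers may modify `attribute_list` in place, so it is worth stating that callers must pass a writable buffer and not a string literal.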
diff --git a/TPM2-Plugin/lib/include/tpm2_error.h b/TPM2-Plugin/lib/include/tpm2_error.h
new file mode 100644
index 0000000..0549edc
--- /dev/null
+++ b/TPM2-Plugin/lib/include/tpm2_error.h
@@ -0,0 +1,136 @@
+//**********************************************************************;
+// Copyright (c) 2018, Intel Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+// THE POSSIBILITY OF SUCH DAMAGE.
+//**********************************************************************;
+
+#ifndef LIB_TPM2_ERROR_H_
+#define LIB_TPM2_ERROR_H_
+
+#include <stdbool.h>
+
+#include <sapi/tpm20.h>
+
+/**
+ * Number of error layers
+ */
+#define TPM2_ERROR_TSS2_RC_LAYER_COUNT (TSS2_RC_LAYER_MASK >> TSS2_RC_LAYER_SHIFT)
+
+/**
+ * Mask for the error bits of tpm2 compliant return code.
+ */
+#define TPM2_ERROR_TSS2_RC_ERROR_MASK 0xFFFF
+
+/**
+ * Retrieves the error bits from a TSS2_RC. The error bits are
+ * contained in the first 2 octets.
+ * @param rc
+ *  The rc to query for the error bits.
+ * @return
+ *  The error bits.
+ */
+static inline UINT16 tpm2_error_get(TSS2_RC rc) {
+    return ((rc & TPM2_ERROR_TSS2_RC_ERROR_MASK));
+}
+
+/**
+ * A custom error handler prototype.
+ * @param rc
+ *  The rc to decode with only the error bits set, ie no need to mask the
+ *  layer bits out. Handlers will never be invoked with the error bits set
+ *  to 0, as zero always indicates success.
+ * @return
+ *  An error string describing the rc. If the handler cannot determine
+ *  a valid response, it can return NULL indicating that the framework
+ *  should just print the raw hexidecimal value of the error field of
+ *  a tpm2_err_layer_rc.
+ *  Note that this WILL NOT BE FREED by the caller,
+ *  i.e. static.
+ */
+typedef const char *(*tpm2_error_handler)(TSS2_RC rc);
+
+/**
+ * Register or unregister a custom layer error handler.
+ * @param layer
+ *  The layer in which to register a handler for. It is an error
+ *  to register for the following reserved layers:
+ *    - TSS2_TPM_RC_LAYER  - layer  0
+ *    - TSS2_SYS_RC_LAYER  - layer  8
+ *    - TSS2_MU_RC_LAYER   - layer  9
+ *    - TSS2_TCTI_RC_LAYER - layer 10
+ * @param name
+ *  A friendly layer name. It is an error for the name to be of
+ *  length 0 or greater than 4.
+ * @param handler
+ *  The handler function to register or NULL to unregister.
+ * @return
+ *  True on success or False on error.
+ */
+bool tpm2_error_set_handler(UINT8 layer, const char *name,
+        tpm2_error_handler handler);
+
+/**
+ * Given a TSS2_RC return code, provides a static error string in the format:
+ * <layer-name>:<layer-specific-msg>.
+ *
+ * The layer-name section will either be the friendly name, or if no layer
+ * handler is registered, the base10 layer number.
+ *
+ * The "layer-specific-msg" is layer specific and will contain details on the
+ * error that occurred or the error code if it couldn't look it up.
+ *
+ * Known layer specific substrings:
+ * TPM - The tpm layer produces 2 distinct format codes that allign with:
+ *   - Section 6.6 of: https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-01.38.pdf
+ *   - Section 39.4 of: https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.38.pdf
+ *
+ *   The two formats are format 0 and format 1.
+ *   Format 0 string format:
+ *     - "<error|warn>(<version>): <description>
+ *     - Examples:
+ *       - error(1.2): bad tag
+ *       - warn(2.0): the 1st handle in the handle area references a transient object or session that is not loaded
+ *
+ *   Format 1 string format:
+ *      - <handle|session|parameter>(<index>):<description>
+ *      - Examples:
+ *        - handle(unk):value is out of range or is not correct for the context
+ *        - tpm:handle(5):value is out of range or is not correct for the context
+ *
+ *   Note that passing TPM2_RC_SUCCESS results in the layer specific message of "success".
+ *
+ *   The System, TCTI and Marshaling (MU) layers, all define simple string
+ *   returns analogous to strerror(3).
+ *
+ *   Unknown layers will have the layer number in decimal and then a layer specific string of
+ *   a hex value representing the error code. For example: 9:0x3
+ *
+ * @param rc
+ *  The error code to decode.
+ * @return
+ *  A human understandable error description string.
+ */
+const char *tpm2_error_str(TSS2_RC rc);
+
+#endif /* LIB_TPM2_ERROR_H_ */
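Review bot: `TPM2_ERROR_TSS2_RC_LAYER_COUNT` is documented as "Number of error layers" but is defined as `TSS2_RC_LAYER_MASK >> TSS2_RC_LAYER_SHIFT`, which gives the highest layer number, not the count. Assuming the 8-bit layer mask from the TSS headers, that is 255 for 256 possible layers. `tpm2_error_set_handler` accepts any `UINT8 layer`, so a handler table sized with this macro would be one entry short for layer 255; the implementation is not in this hunk, so this needs checking there. Either define it as `((TSS2_RC_LAYER_MASK >> TSS2_RC_LAYER_SHIFT) + 1)` or rename it and have `tpm2_error_set_handler` reject `layer >= TPM2_ERROR_TSS2_RC_LAYER_COUNT`. The comment on `tpm2_error_str` should also say that the returned static string is overwritten by the next call, if that is the case.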
diff --git a/TPM2-Plugin/lib/include/tpm2_hash.h b/TPM2-Plugin/lib/include/tpm2_hash.h
new file mode 100644
index 0000000..7fab882
--- /dev/null
+++ b/TPM2-Plugin/lib/include/tpm2_hash.h
@@ -0,0 +1,84 @@
+//**********************************************************************;
+// Copyright (c) 2017, Intel Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// 3. Neither the name of Intel Corporation nor the names of its contributors
+// may be used to endorse or promote products derived from this software without
+// specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+// THE POSSIBILITY OF SUCH DAMAGE.
+//**********************************************************************;
+#ifndef SRC_TPM_HASH_H_
+#define SRC_TPM_HASH_H_
+
+#include <stdbool.h>
+
+#include <sapi/tpm20.h>
+
+/**
+ * Hashes a BYTE array via the tpm.
+ * @param sapi_context
+ *  The system api context.
+ * @param hash_alg
+ *  The hashing algorithm to use.
+ * @param hierarchy
+ *  The hierarchy.
+ * @param buffer
+ *  The data to hash.
+ * @param length
+ *  The length of the data.
+ * @param result
+ *  The digest result.
+ * @param validation
+ *  The validation ticket. Note that some hierarchies don't produce a
+ *  validation ticket and thus size will be 0.
+ * @return
+ *  True on success, false otherwise.
+ */
+bool tpm2_hash_compute_data(TSS2_SYS_CONTEXT *sapi_context, TPMI_ALG_HASH halg,
+        TPMI_RH_HIERARCHY hierarchy, BYTE *buffer, UINT16 length,
+        TPM2B_DIGEST *result, TPMT_TK_HASHCHECK *validation);
+
+/**
+ * Hashes a FILE * object via the tpm.
+ * @param sapi_context
+ *  The system api context.
+ * @param hash_alg
+ *  The hashing algorithm to use.
+ * @param hierarchy
+ *  The hierarchy.
+ * @param input
+ *  The FILE object to hash.
+ * @param result
+ *  The digest result.
+ * @param validation
+ *  The validation ticket. Note that some hierarchies don't produce a
+ *  validation ticket and thus size will be 0.
+ * @return
+ *  True on success, false otherwise.
+ */
+bool tpm2_hash_file(TSS2_SYS_CONTEXT *sapi_context, TPMI_ALG_HASH halg,
+        TPMI_RH_HIERARCHY hierarchy, FILE *input, TPM2B_DIGEST *result,
+        TPMT_TK_HASHCHECK *validation);
+
+#endif /* SRC_TPM_HASH_H_ */
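Review bot: `tpm2_hash_compute_data` takes `UINT16 length`, so a caller holding a `size_t` or `long` byte count gets a silent narrowing conversion, and for inputs over 65535 bytes the digest would not cover the full buffer. The comment should state the limit, e.g. `The length of the data in bytes; at most UINT16_MAX.`, or the parameter should be widened and range-checked in the implementation, which is not in this hunk. Both comments name the parameter `hash_alg` while the prototypes call it `halg`. The header uses `FILE *` without including `<stdio.h>` itself; adding `#include <stdio.h>` keeps it self-contained.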
diff --git a/TPM2-Plugin/lib/include/tpm2_plugin_api.h b/TPM2-Plugin/lib/include/tpm2_plugin_api.h
new file mode 100644
index 0000000..238af99
--- /dev/null
+++ b/TPM2-Plugin/lib/include/tpm2_plugin_api.h
@@ -0,0 +1,136 @@
+//**********************************************************************;
+// Copyright (c) 2017, Intel Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+// THE POSSIBILITY OF SUCH DAMAGE.
+//**********************************************************************;
+
+#ifndef __TPM_API_H__
+#define __TPM_API_H__
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <limits.h>
+#include <ctype.h>
+#include <getopt.h>
+
+#include <sapi/tpm20.h>
+
+#include "plugin_register.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define TPM_SKM_SRK_HANDLE 0x81000011
+
+#define TPM_SKM_AC0_HANDLE 0x90000000
+#define TPM_SKM_AC1_HANDLE 0x90000001
+#define TPM_SKM_AC2_HANDLE 0x90000002
+
+#define TPM_SKM_APP_HANDLE 0x91100001
+
+#define INIT_SIMPLE_TPM2B_SIZE( type ) (type).t.size = sizeof( type ) - 2;
+
+#define APP_RC_OFFSET 0x100
+
+#define TSS2_APP_RC_PASSED                      (APP_RC_PASSED + APP_RC_OFFSET + TSS2_APP_ERROR_LEVEL)
+#define TSS2_APP_RC_GET_NAME_FAILED             (APP_RC_GET_NAME_FAILED + APP_RC_OFFSET + TSS2_APP_ERROR_LEVEL)
+#define TSS2_APP_RC_CREATE_SESSION_KEY_FAILED   (APP_RC_CREATE_SESSION_KEY_FAILED + APP_RC_OFFSET + TSS2_APP_ERROR_LEVEL)
+#define TSS2_APP_RC_SESSION_SLOT_NOT_FOUND      (APP_RC_SESSION_SLOT_NOT_FOUND + APP_RC_OFFSET + TSS2_APP_ERROR_LEVEL)
+#define TSS2_APP_RC_BAD_ALGORITHM               (APP_RC_BAD_ALGORITHM + APP_RC_OFFSET + TSS2_APP_ERROR_LEVEL)
+#define TSS2_APP_RC_SYS_CONTEXT_CREATE_FAILED   (APP_RC_SYS_CONTEXT_CREATE_FAILED + APP_RC_OFFSET + TSS2_APP_ERROR_LEVEL)
+#define TSS2_APP_RC_GET_SESSION_STRUCT_FAILED   (APP_RC_GET_SESSION_STRUCT_FAILED + APP_RC_OFFSET + TSS2_APP_ERROR_LEVEL)
+#define TSS2_APP_RC_GET_SESSION_ALG_ID_FAILED   (APP_RC_GET_SESSION_ALG_ID_FAILED + APP_RC_OFFSET + TSS2_APP_ERROR_LEVEL)
+#define TSS2_APP_RC_INIT_SYS_CONTEXT_FAILED     (APP_RC_INIT_SYS_CONTEXT_FAILED + APP_RC_OFFSET + TSS2_APP_ERROR_LEVEL)
+#define TSS2_APP_RC_TEARDOWN_SYS_CONTEXT_FAILED (APP_RC_TEARDOWN_SYS_CONTEXT_FAILED + APP_RC_OFFSET + TSS2_APP_ERROR_LEVEL)
+#define TSS2_APP_RC_BAD_LOCALITY                (APP_RC_BAD_LOCALITY + APP_RC_OFFSET + TSS2_APP_ERROR_LEVEL)
+
+enum TSS2_APP_RC_CODE
+{
+    APP_RC_PASSED,
+    APP_RC_GET_NAME_FAILED,
+    APP_RC_CREATE_SESSION_KEY_FAILED,
+    APP_RC_SESSION_SLOT_NOT_FOUND,
+    APP_RC_BAD_ALGORITHM,
+    APP_RC_SYS_CONTEXT_CREATE_FAILED,
+    APP_RC_GET_SESSION_STRUCT_FAILED,
+    APP_RC_GET_SESSION_ALG_ID_FAILED,
+    APP_RC_INIT_SYS_CONTEXT_FAILED,
+    APP_RC_TEARDOWN_SYS_CONTEXT_FAILED,
+    APP_RC_BAD_LOCALITY
+};
+
+TSS2_SYS_CONTEXT *InitSysContext (UINT16 maxCommandSize,
+                                    TSS2_TCTI_CONTEXT *tctiContext,
+                                    TSS2_ABI_VERSION *abiVersion );
+
+void TeardownSysContext( TSS2_SYS_CONTEXT **sysContext );
+
+TSS2_RC TeardownTctiResMgrContext( TSS2_TCTI_CONTEXT *tctiContext );
+
+int tpm2_rsa_create_object(
+                        unsigned long appHandle,
+                        //DhsmWPKRSAFormat* wpk,
+                        void *wpk,
+                        unsigned char* swk,
+                        int swk_len,
+                        unsigned char* iv,
+                        int iv_len,
+                        int tag_len,
+                        void **cb_object);
+
+int tpm2_rsa_delete_object(
+                        void *cb_object);
+
+int tpm2_rsa_sign_init(
+        unsigned long mechanish,
+        void *param,
+        size_t len,
+        void *ctx);
+
+int tpm2_rsa_sign(
+        void *ctx,
+        unsigned char *msg,
+        int msg_len,
+        unsigned char *sig,
+        int *sig_len);
+
+
+int tpm2_import_object(
+        unsigned long appHandle, 
+        unsigned char* tlvbuffer, 
+        int buflen, 
+        unsigned char* iv, 
+        int iv_len, 
+        unsigned char* tpm_pwd, 
+        int tpm_pwd_len);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif
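Review bot: None of the exported entry points (`tpm2_rsa_create_object`, `tpm2_rsa_sign_init`, `tpm2_rsa_sign`, `tpm2_import_object`) documents its buffer contract, and every length is a signed `int`. For `tpm2_rsa_sign` the header does not say whether `*sig_len` carries the capacity of `sig` on entry; if it is output-only, the callee has nothing to bound its write against. I would add a comment per function, stating for this one, if that is the intended contract, `sig_len: in = capacity of sig in bytes, out = bytes written`, and have the implementations reject negative lengths. Separately, `INIT_SIMPLE_TPM2B_SIZE` ends in a semicolon and the guard `__TPM_API_H__` uses a reserved identifier; `#define INIT_SIMPLE_TPM2B_SIZE(type) ((type).t.size = sizeof(type) - 2)` and a guard such as `TPM2_PLUGIN_API_H_` avoid both.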
diff --git a/TPM2-Plugin/lib/include/tpm2_tcti_ldr.h b/TPM2-Plugin/lib/include/tpm2_tcti_ldr.h
new file mode 100644
index 0000000..1e20d3d
--- /dev/null
+++ b/TPM2-Plugin/lib/include/tpm2_tcti_ldr.h
@@ -0,0 +1,62 @@
+//**********************************************************************;
+// Copyright (c) 2018, Intel Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+// THE POSSIBILITY OF SUCH DAMAGE.
+//**********************************************************************;
+
+#include <sapi/tpm20.h>
+
+#ifndef LIB_TPM2_TCTI_LDR_H_
+#define LIB_TPM2_TCTI_LDR_H_
+
+/**
+ * Loads a TCTI from a friendly name, library name, or path.
+ * For example
+ *  friendly:     path = tabrmd
+ *  library name: path = libtcti-socket.so
+ *  full path:    path = /home/user/lib/libtcti-custom.so
+ * @param path
+ *  The path/library to load.
+ * @param opts
+ *  The tcti option configs.
+ * @return
+ *  A tcti context on success or NULL on failure.
+ */
+TSS2_TCTI_CONTEXT *tpm2_tcti_ldr_load(const char *path, const char *opts);
+
+/**
+ * Returns the loaded TCTIs information structure,
+ * which contains the initialization routine, description
+ * and help string amongst other things.
+ * @return
+ *  NULL if no TCTI is loaded, else the info structure pointer.
+ */
+const TSS2_TCTI_INFO *tpm2_tcti_ldr_getinfo(void);
+
+/**
+ * Unloads the tcti loaded via tpm2_tcti_ldr_load();
+ */
+void tpm2_tcti_ldr_unload(void);
+
+#endif /* LIB_TPM2_TCTI_LDR_H_ */
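Review bot: The comment on `tpm2_tcti_ldr_load` does not say how a bare friendly or library name is resolved or where `path` may come from, which matters because the argument selects a shared object that is loaded into the process talking to the TPM. The implementation is outside this hunk, so this is inferred from the examples; if the name is handed to the dynamic loader, add a note such as `@note path is resolved by the dynamic loader; pass only values from trusted configuration.` The load/getinfo/unload trio implies one loaded TCTI at a time, so the comment should also say what a second `tpm2_tcti_ldr_load` call does. The `#include <sapi/tpm20.h>` sits above the include guard; moving it below `#define LIB_TPM2_TCTI_LDR_H_` matches the other headers.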
diff --git a/TPM2-Plugin/lib/include/tpm2_util.h b/TPM2-Plugin/lib/include/tpm2_util.h
new file mode 100644
index 0000000..edc759d
--- /dev/null
+++ b/TPM2-Plugin/lib/include/tpm2_util.h
@@ -0,0 +1,325 @@
+//**********************************************************************;
+// Copyright (c) 2017, Intel Corporation
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// 3. Neither the name of Intel Corporation nor the names of its contributors
+// may be used to endorse or promote products derived from this software without
+// specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+// THE POSSIBILITY OF SUCH DAMAGE.
+//**********************************************************************;
+#ifndef STRING_BYTES_H
+#define STRING_BYTES_H
+
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdio.h>
+
+#include <sapi/tpm20.h>
+
+#include "tpm2_error.h"
+
+#if defined (__GNUC__)
+#define COMPILER_ATTR(...) __attribute__((__VA_ARGS__))
+#else
+#define COMPILER_ATTR(...)
+#endif
+
+#define xstr(s) str(s)
+#define str(s) #s
+
+#define UNUSED(x) (void)x
+
+#define ARRAY_LEN(x) (sizeof(x)/sizeof(x[0]))
+
+#define BUFFER_SIZE(type, field) (sizeof((((type *)NULL)->field)))
+
+#define TSS2_APP_RC_LAYER TSS2_RC_LAYER(5)
+
+#define TPM2B_TYPE_INIT(type, field) { .size = BUFFER_SIZE(type, field), }
+#define TPM2B_INIT(xsize) { .size = xsize, }
+#define TPM2B_EMPTY_INIT TPM2B_INIT(0)
+#define TPM2B_SENSITIVE_CREATE_EMPTY_INIT { \
+           .sensitive = { \
+                .data = {   \
+                    .size = 0 \
+                }, \
+                .userAuth = {   \
+                    .size = 0 \
+                } \
+            } \
+    }
+
+#define TPMS_AUTH_COMMAND_INIT(session_handle) { \
+        .sessionHandle = session_handle,\
+	    .nonce = TPM2B_EMPTY_INIT, \
+	    .sessionAttributes = TPMA_SESSION_CONTINUESESSION, \
+	    .hmac = TPM2B_EMPTY_INIT \
+    }
+
+#define TPMS_AUTH_COMMAND_EMPTY_INIT TPMS_AUTH_COMMAND_INIT(0)
+
+
+#define TPMT_TK_CREATION_EMPTY_INIT { \
+        .tag = 0, \
+		.hierarchy = 0, \
+		.digest = TPM2B_EMPTY_INIT \
+    }
+
+#define TPML_PCR_SELECTION_EMPTY_INIT { \
+        .count = 0, \
+    } //ignore pcrSelections since count is 0.
+
+#define TPMS_CAPABILITY_DATA_EMPTY_INIT { \
+        .capability = 0, \
+    } // ignore data since capability is 0.
+
+#define TPMT_TK_HASHCHECK_EMPTY_INIT { \
+		.tag = 0, \
+		.hierarchy = 0, \
+		.digest = TPM2B_EMPTY_INIT \
+    }
+
+#define TSS2L_SYS_AUTH_COMMAND_INIT(cnt, array) { \
+        .count = cnt, \
+        .auths = array, \
+    }
+
+/*
+ * This macro is useful as a wrapper around SAPI functions to automatically
+ * retry function calls when the RC is TPM2_RC_RETRY.
+ */
+#define TSS2_RETRY_EXP(expression)                         \
+    ({                                                     \
+        TSS2_RC __result = 0;                              \
+        do {                                               \
+            __result = (expression);                       \
+        } while (tpm2_error_get(__result) == TPM2_RC_RETRY); \
+        __result;                                          \
+    })
+
+/**
+ * prints output to stdout respecting the quiet option.
+ * Ie when quiet, don't print.
+ * @param fmt
+ *  The format specifier, ala printf.
+ * @param ...
+ *  The varargs, just like printf.
+ */
+#define tpm2_tool_output(fmt, ...)                   \
+    do {                                        \
+        if (output_enabled) {                   \
+            printf(fmt, ##__VA_ARGS__);         \
+        }                                       \
+    } while (0)
+
+int tpm2_util_hex_to_byte_structure(const char *inStr, UINT16 *byteLenth, BYTE *byteBuffer);
+
+/**
+ * Appends a TPM2B buffer to a MAX buffer.
+ * @param result
+ *  The MAX buffer to append to
+ * @param append
+ *  The buffer to append to result.
+ * @return
+ *  true on success, false otherwise.
+ */
+bool tpm2_util_concat_buffer(TPM2B_MAX_BUFFER *result, TPM2B *append);
+
+/**
+ * Converts a numerical string into a uint32 value.
+ * @param str
+ *  The numerical string to convert.
+ * @param value
+ *  The value to store the conversion into.
+ * @return
+ *  true on success, false otherwise.
+ */
+bool tpm2_util_string_to_uint32(const char *str, uint32_t *value);
+
+/**
+ * Converts a numerical string into a uint16 value.
+ * @param str
+ *  The numerical string to convert.
+ * @param value
+ *  The value to store the conversion into.
+ * @return
+ *  true on success, false otherwise.
+ */
+bool tpm2_util_string_to_uint16(const char *str, uint16_t *value);
+
+/**
+ * Prints an xxd compatible hexdump to stdout if output is enabled,
+ * ie no -Q option.
+ *
+ * @param data
+ *  The data to print.
+ * @param len
+ *  The length of the data.
+ * @param plain
+ *  true for a plain hex string false for an xxd compatable
+ *  dump.
+ */
+void tpm2_util_hexdump(const BYTE *data, size_t len, bool plain);
+
+/**
+ * Prints an xxd compatible hexdump to stdout if output is enabled,
+ * ie no -Q option.
+ *
+ * @param fd
+ *  A readable open file.
+ * @param len
+ *  The length of the data to read and print.
+ * @param plain
+ *  true for a plain hex string false for an xxd compatable
+ *  dump.
+ * @return
+ *  true if len bytes were successfully read and printed,
+ *  false otherwise
+ */
+bool tpm2_util_hexdump_file(FILE *fd, size_t len, bool plain);
+
+/**
+ * Prints a TPM2B as a hex dump.
+ * @param buffer the TPM2B to print.
+ */
+static inline void tpm2_util_print_tpm2b(TPM2B *buffer) {
+
+    return tpm2_util_hexdump(buffer->buffer, buffer->size, true);
+}
+
+/**
+ * Reads a TPM2B object from FILE* and prints data in hex.
+ * @param fd
+ *  A readable open file.
+ */
+bool tpm2_util_print_tpm2b_file(FILE *fd);
+
+/**
+ * Copies a tpm2b from dest to src and clears dest if src is NULL.
+ * If src is NULL, it is a NOP.
+ * @param dest
+ *  The destination TPM2B
+ * @param src
+ *  The source TPM2B
+ * @return
+ *  The number of bytes copied.
+ */
+UINT16 tpm2_util_copy_tpm2b(TPM2B *dest, TPM2B *src);
+
+/**
+ * Checks if the host is big endian
+ * @return
+ *  True of the host is big endian false otherwise.
+ */
+bool tpm2_util_is_big_endian(void);
+
+/**
+ * Swaps the endianess of 16 bit value.
+ * @param data
+ *  A 16 bit value to swap the endianess on.
+ * @return
+ * The 16 bit value with the endianess swapped.
+ */
+UINT16 tpm2_util_endian_swap_16(UINT16 data);
+
+/**
+ * Just like string_bytes_endian_convert_16 but for 32 bit values.
+ */
+UINT32 tpm2_util_endian_swap_32(UINT32 data);
+
+/**
+ * Just like string_bytes_endian_convert_16 but for 64 bit values.
+ */
+UINT64 tpm2_util_endian_swap_64(UINT64 data);
+
+/**
+ * Converts a 16 bit value from host endianess to network endianess.
+ * @param data
+ *  The data to possibly swap endianess.
+ * @return
+ *  The swapped data.
+ */
+UINT16 tpm2_util_hton_16(UINT16 data);
+
+/**
+ * Just like string_bytes_endian_hton_16 but for 32 bit values.
+ */
+UINT32 tpm2_util_hton_32(UINT32 data);
+
+/**
+ * Just like string_bytes_endian_hton_16 but for 64 bit values.
+ */
+UINT64 tpm2_util_hton_64(UINT64 data);
+
+/**
+ * Converts a 16 bit value from network endianess to host endianess.
+ * @param data
+ *  The data to possibly swap endianess.
+ * @return
+ *  The swapped data.
+ */
+UINT16 tpm2_util_ntoh_16(UINT16 data);
+
+/**
+ * Just like string_bytes_endian_ntoh_16 but for 32 bit values.
+ */
+UINT32 tpm2_util_ntoh_32(UINT32 data);
+
+/**
+ * Just like string_bytes_endian_ntoh_16 but for 64 bit values.
+ */
+UINT64 tpm2_util_ntoh_64(UINT64 data);
+
+/**
+ * Counts the number of set bits aka a population count.
+ * @param data
+ *  The data to count set bits in.
+ * @return
+ *  The number of set bits or population count.
+ */
+UINT32 tpm2_util_pop_count(UINT32 data);
+
+/**
+ * Prints whitespace indention for yaml output.
+ * @param indent_count
+ *  Number of times to indent
+ */
+void print_yaml_indent(size_t indent_count);
+
+/**
+ * Convert a TPM2B_PUBLIC into a yaml format and output if not quiet.
+ * @param public
+ *  The TPM2B_PUBLIC to output in YAML format.
+ */
+void tpm2_util_public_to_yaml(TPM2B_PUBLIC *public);
+
+
+/**
+ * Convert a TPMA_OBJECT to a yaml format and output if not quiet.
+ * @param obj
+ *  The TPMA_OBJECT attributes to print.
+ */
+void tpm2_util_tpma_object_to_yaml(TPMA_OBJECT obj);
+
+#endif /* STRING_BYTES_H */
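Review bot: The comment on `tpm2_util_copy_tpm2b` contradicts itself: it says the copy goes "from dest to src", and that a NULL `src` both "clears dest" and "is a NOP". The prototype also carries no capacity for `dest`, so the bound on the copy cannot be read from this header. `TPM2B` appears to be the generic size-plus-buffer view (the inline `tpm2_util_print_tpm2b` reads `buffer->size` and `buffer->buffer`), so an oversized `src->size` would write past a smaller destination unless the implementation, which is not in this hunk, checks it. I would state the contract explicitly, for example `Copies src into dest; the caller must ensure dest's buffer can hold src->size bytes. If src is NULL, dest->size is set to 0.`, adjusted to what the implementation actually does. The same gap applies to `tpm2_util_hex_to_byte_structure`, which has no comment at all: it should say whether `*byteLenth` is the capacity of `byteBuffer` on input and the decoded length on output, and what the `int` return value means.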