keyhndl,				    migscheme,				    migblen, migblob,				    k.privkeylen, k.encprivkey,				    authhandle1,				    TPM_NONCE_SIZE, nonceodd,				    c,				    TPM_HASH_SIZE, authdata1,				    authhandle2,				    TPM_NONCE_SIZE, nonceodd,				    c, TPM_HASH_SIZE, authdata2);		if ((ret & ERR_MASK) != 0) {			TSS_OIAPclose(authhandle1);			TSS_OIAPclose(authhandle2);			return ret;		}		/* transmit the request buffer to the TPM device and read the reply */		ret = TPM_Transmit(tpmdata, "CreateMigrationBlob");		if (ret != 0) {			TSS_OIAPclose(authhandle1);			TSS_OIAPclose(authhandle2);			return ret;		}		/* validate HMAC in response */		size1 = LOAD32(tpmdata, TPM_DATA_OFFSET);		size2 =		    LOAD32(tpmdata,			   TPM_DATA_OFFSET + TPM_U32_SIZE + size1);		if (size1 != 0) {			ret = TSS_checkhmac2(tpmdata, ordinal, nonceodd,					     keyauth, TPM_HASH_SIZE,					     migauth, TPM_HASH_SIZE,					     TPM_U32_SIZE, TPM_DATA_OFFSET,					     size1,					     TPM_DATA_OFFSET +					     TPM_U32_SIZE, TPM_U32_SIZE,					     TPM_DATA_OFFSET +					     TPM_U32_SIZE + size1, size2,					     TPM_DATA_OFFSET +					     TPM_U32_SIZE + size1 +					     TPM_U32_SIZE, 0, 0);		} else {			ret = TSS_checkhmac2(tpmdata, ordinal, nonceodd,					     keyauth, TPM_HASH_SIZE,					     migauth, TPM_HASH_SIZE,					     TPM_U32_SIZE, TPM_DATA_OFFSET,					     TPM_U32_SIZE,					     TPM_DATA_OFFSET +					     TPM_U32_SIZE, size2,					     TPM_DATA_OFFSET +					     TPM_U32_SIZE + TPM_U32_SIZE,					     0, 0);		}		TSS_OIAPclose(authhandle1);		TSS_OIAPclose(authhandle2);		if (ret != 0)			return ret;	} else {		/* no parent key password required */		/* open OIAP session for the Migrating Key */		ret = TSS_OIAPopen(&authhandle1, enonce1);		if (ret != 0)			return ret;		/* calculate Migration authorization HMAC value */		ret =		    TSS_authhmac(authdata1, migauth, TPM_HASH_SIZE,				 enonce1, nonceodd, c, TPM_U32_SIZE,				 &ordinal, TPM_U16_SIZE, &migscheme,				 migblen, migblob, TPM_U32_SIZE, &datsize,				 k.privkeylen, k.encprivkey, 0, 0);		if (ret != 0) {			TSS_OIAPclose(authhandle1);			return ret;		}		/* build the request buffer */		ret = TSS_buildbuff(create_mig_fmt_noauth, tpmdata,				    ordinal,				    keyhndl,				    migscheme,				    migblen, migblob,				    k.privkeylen, k.encprivkey,				    authhandle1,				    TPM_NONCE_SIZE, nonceodd,				    c, TPM_HASH_SIZE, authdata1);		if ((ret & ERR_MASK) != 0) {			TSS_OIAPclose(authhandle1);			return ret;		}		/* transmit the request buffer to the TPM device and read the reply */		ret = TPM_Transmit(tpmdata, "CreateMigrationBlob");		if (ret != 0) {			TSS_OIAPclose(authhandle1);			return ret;		}		/* check HMAC in response */		size1 = LOAD32(tpmdata, TPM_DATA_OFFSET);		size2 =		    LOAD32(tpmdata,			   TPM_DATA_OFFSET + TPM_U32_SIZE + size1);		if (size1 != 0) {			ret =			    TSS_checkhmac1(tpmdata, ordinal, nonceodd,					   migauth, TPM_HASH_SIZE,					   TPM_U32_SIZE, TPM_DATA_OFFSET,					   size1,					   TPM_DATA_OFFSET + TPM_U32_SIZE,					   TPM_U32_SIZE,					   TPM_DATA_OFFSET + TPM_U32_SIZE +					   size1, size2,					   TPM_DATA_OFFSET + TPM_U32_SIZE +					   size1 + TPM_U32_SIZE, 0, 0);		} else {			ret =			    TSS_checkhmac1(tpmdata, ordinal, nonceodd,					   migauth, TPM_HASH_SIZE,					   TPM_U32_SIZE, TPM_DATA_OFFSET,					   TPM_U32_SIZE,					   TPM_DATA_OFFSET + TPM_U32_SIZE,					   size2,					   TPM_DATA_OFFSET + TPM_U32_SIZE +					   TPM_U32_SIZE, 0, 0);		}		TSS_OIAPclose(authhandle1);		if (ret != 0)			return ret;	}	memcpy(rndblob, tpmdata + TPM_DATA_OFFSET + TPM_U32_SIZE, size1);	memcpy(outblob,	       tpmdata + TPM_DATA_OFFSET + TPM_U32_SIZE + size1 +	       TPM_U32_SIZE, size2);	*rndblen = size1;	*outblen = size2;	return 0;}/****************************************************************************//*                                                                          *//* Convert a Migration Blob                                                 *//*                                                                          *//* The arguments are...                                                     *//*                                                                          *//* keyhandle is the handle of the new parent key of the key                 *//*           being migrated                                                 *//* keyauth   is the authorization data (password) for the parent key        *//* rndblob   is a pointer to an area contining the random XOR data          *//* rndblen   is an integer containing the length of the random XOR data     *//* keyblob   is a pointer to an area contining the migration public         *//*           encrypted key blob                                             *//* keyblen   is an integer containing the length of the migration           *//*           public key blob                                                *//* encblob   is a pointer to an area which will receive the migrated        *//*           key re-encrypted private key blob                              *//* endblen   is a pointer to an integer which will receive size of          *//*           the migrated key re-encrypted private key blob                 *//*                                                                          *//****************************************************************************/uint32_t TPM_ConvertMigrationBlob(unsigned int keyhandle,				  unsigned char *keyauth,				  unsigned char *rndblob,				  unsigned int rndblen,				  unsigned char *keyblob,				  unsigned int keyblen,				  unsigned char *encblob,				  unsigned int *encblen){	unsigned char convert_mig_fmt[] = "00 c2 T l l @ @ l % o %";	uint32_t ret;	unsigned char tpmdata[TPM_MAX_BUFF_SIZE];	unsigned char nonceodd[TPM_NONCE_SIZE];	unsigned char evennonce[TPM_NONCE_SIZE];	unsigned char pubauth[TPM_HASH_SIZE];	unsigned char c;	uint32_t ordinal;	uint32_t authhandle;	uint32_t keyhndl;	uint32_t rndsize;	uint32_t datsize;	int size;	/* check input arguments */	if (keyauth == NULL || rndblob == NULL || keyblob == NULL	    || encblob == NULL || encblen == NULL)		return ERR_NULL_ARG;	/* generate odd nonce */	TSS_gennonce(nonceodd);	/* Open OIAP Session */	ret = TSS_OIAPopen(&authhandle, evennonce);	if (ret != 0)		return ret;	/* move Network byte order data to variables for hmac calculation */	ordinal = htonl(0x2A);	keyhndl = htonl(keyhandle);	rndsize = htonl(rndblen);	datsize = htonl(keyblen);	c = 0;	/* calculate authorization HMAC value */	ret =	    TSS_authhmac(pubauth, keyauth, TPM_HASH_SIZE, evennonce,			 nonceodd, c, TPM_U32_SIZE, &ordinal, TPM_U32_SIZE,			 &datsize, keyblen, keyblob, TPM_U32_SIZE,			 &rndsize, rndblen, rndblob, 0, 0);	if (ret != 0) {		TSS_OIAPclose(authhandle);		return ret;	}	/* build the request buffer */	ret = TSS_buildbuff(convert_mig_fmt, tpmdata,			    ordinal,			    keyhndl,			    keyblen, keyblob,			    rndblen, rndblob,			    authhandle,			    TPM_NONCE_SIZE, nonceodd,			    c, TPM_HASH_SIZE, pubauth);	if ((ret & ERR_MASK) != 0) {		TSS_OIAPclose(authhandle);		return ret;	}	/* transmit the request buffer to the TPM device and read the reply */	ret = TPM_Transmit(tpmdata, "ConvertMigrationBlob");	if (ret != 0) {		TSS_OIAPclose(authhandle);		return ret;	}	TSS_OIAPclose(authhandle);	size = LOAD32(tpmdata, TPM_DATA_OFFSET);	ret =	    TSS_checkhmac1(tpmdata, ordinal, nonceodd, keyauth,			   TPM_HASH_SIZE, TPM_U32_SIZE, TPM_DATA_OFFSET,			   size, TPM_DATA_OFFSET + TPM_U32_SIZE, 0, 0);	if (ret != 0)		return ret;	memcpy(encblob, tpmdata + TPM_DATA_OFFSET + TPM_U32_SIZE, size);	*encblen = size;	return 0;}