    def get_quote(self, aik, pcrs, challenge):
        retrieve a signed set of PCR values

        :param aik: A TspiObject representing the Attestation Identity Key
        :param pcrs: A TspiPCRs representing the PCRs to be quoted
        :param challenge: The challenge to use

        :returns: A tuple containing the quote data and the validation block
        valid = ffi.new('TSS_VALIDATION *')
        chalmd = ffi.new('BYTE[]', 20)

        if challenge:
            m = hashlib.sha1()
            sha1 = bytearray(m.digest())
            for i in range(len(sha1)):
                chalmd[i] = sha1[i]

        valid[0].ulExternalDataLength = ffi.sizeof(chalmd)
        valid[0].rgbExternalData = chalmd

        tss_lib.Tspi_TPM_Quote(self.handle[0], aik.get_handle(), pcrs.get_handle(),

        data = bytearray(valid[0].rgbData[0:valid[0].ulDataLength])
        validation = bytearray(valid[0].rgbValidationData
        tss_lib.Tspi_Context_FreeMemory(self.context, valid[0].rgbData)
        tss_lib.Tspi_Context_FreeMemory(self.context, valid[0].rgbValidationData)
        return (data, validation)
    def activate_identity(self, aik, asymblob, symblob):
        Decrypt the challenge provided by the attestation host

        :param aik: A TspiObject representing the Attestation Identity Key
        :param asymblob: The asymmetrically encrypted challenge data
        :param symblob: The symmetrically encrypted challenge data

        :returns: A bytearray containing the decrypted challenge
        casymblob = ffi.new('BYTE[]', len(asymblob))
        for i in range(len(asymblob)):
            casymblob[i] = asymblob[i]
        csymblob = ffi.new('BYTE[]', len(symblob))
        for i in range(len(symblob)):
            csymblob[i] = symblob[i]
        credlen = ffi.new('UINT32 *')
        cred = ffi.new('BYTE **')
        tss_lib.Tspi_TPM_ActivateIdentity(self.handle[0], aik.get_handle(),
                                          len(asymblob), casymblob,
                                          len(symblob), csymblob, credlen,
        ret = bytearray(cred[0][0:credlen[0]])
        tss_lib.Tspi_Context_FreeMemory(self.context, cred[0])
        return ret
    def get_pcrs(self):
        Get the digest value of the PCRs referred to by this object

        :returns: a dictionary of PCR/value pairs
        for pcr in self.pcrs:
            buf = ffi.new('BYTE **')
            buflen = ffi.new('UINT32 *')
            tss_lib.Tspi_PcrComposite_GetPcrValue(self.handle[0], pcr, buflen, buf)
            self.pcrs[pcr] = bytearray(buf[0][0:buflen[0]])
            tss_lib.Tspi_Context_FreeMemory(self.context, buf[0])
        return self.pcrs
    def get_attribute_data(self, attrib, sub):
        Get an arbitrary datatype associated with the object

        :param attrib: The attribute to modify
        :param sub: The subattribute to modify

        :returns: a bytearray containing the data
        bloblen = ffi.new('UINT32 *')
        blob = ffi.new('BYTE **')
        tss_lib.Tspi_GetAttribData(self.handle[0], attrib, sub, bloblen, blob)
        ret = bytearray(blob[0][0:bloblen[0]])
        tss_lib.Tspi_Context_FreeMemory(self.context, blob[0])
        return ret
    def collate_identity_request(self, srk, pubkey, aik):
        Generate everything required to authenticate the TPM to a third party

        :param srk: The storage root key to use
        :param pubkey: The key to use for signing the output key
        :param aik: The key to use as the identity key

        :returns: A bytearray containing a certificate request
        bloblen = ffi.new('UINT32 *')
        blob = ffi.new('BYTE **')
                                            pubkey.get_handle(), 0, "",
                                            aik.get_handle(), tss_lib.TSS_ALG_AES,
                                            bloblen, blob)
        ret = bytearray(blob[0][0:bloblen[0]])
        tss_lib.Tspi_Context_FreeMemory(self.context, blob[0])
        return ret
    def extend_pcr(self, pcr, data, event):
        Extend a PCR

        :param pcr: The PCR to extend
        :param data: The data to be hashed by the TPM for extending the PCR
        :param event: A dict containing the event data

        :returns: A bytearray containing the new PCR value
        cdata = ffi.new('BYTE []', len(data))
        bloblen = ffi.new('UINT32 *')
        blob = ffi.new('BYTE **')
        for i in range(len(data)):
            cdata[i] = data[i]

        tss_lib.Tspi_TPM_PcrExtend(self.get_handle(), pcr, len(data), cdata,
                                   ffi.NULL, bloblen, blob)
        ret = bytearray(blob[0][0:bloblen[0]])
        tss_lib.Tspi_Context_FreeMemory(self.context, blob[0])
        return ret
    def unseal(self, data):
        Unseal data from the local TPM using this key

        :param data: The data to unseal

        :returns: a bytearray of the unencrypted data
        encdata = TspiObject(self.context, 'TSS_HENCDATA *',

                                tss_lib.TSS_TSPATTRIB_ENCDATABLOB_BLOB, data)

        bloblen = ffi.new('UINT32 *')
        blob = ffi.new('BYTE **')

        tss_lib.Tspi_Data_Unseal(encdata.get_handle(), self.get_handle(),
                                 bloblen, blob)
        ret = bytearray(blob[0][0:bloblen[0]])
        tss_lib.Tspi_Context_FreeMemory(self.context, blob[0])
        return ret
    def get_capability(self, cap, sub):
        Get information on the capabilities of the TPM

        :param cap: The capability to query
        :param sub: The subcapability to query

        :returns: A bytearray containing the capability data
        resp = ffi.new('BYTE **')
        resplen = ffi.new('UINT32 *')
        ''' csub = ffi.new('BYTE []', len(sub))
        for i in range(len(sub)):
            csub[i] = sub[i]
        csub = ffi.new('BYTE [4]')
        bytearr = [hex(sub >> i & 0xff) for i in (0, 8, 16, 24)]
        for i in range(4):
            csub[i] = int(bytearr[i], 16)
        tss_lib.Tspi_TPM_GetCapability(self.handle[0], cap, 4, csub, resplen,
        ret = bytearray(resp[0][0:resplen[0]])
        tss_lib.Tspi_Context_FreeMemory(self.context, resp[0])
        return ret