trunks/error_codes.cc - platform/system/tpm - Git at Google

 //
 // Copyright (C) 2014 The Android Open Source Project
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //      http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //

 #include "trunks/error_codes.h"

 #include <sstream>
 #include <string>

 #include <base/logging.h>

 namespace {

 // Masks out the P and N bits (see TPM 2.0 Part 2 Table 14).
 const trunks::TPM_RC kFormatOneErrorMask = 0x0BF;
 // Selects just the N bits that identify the subject index.
 const trunks::TPM_RC kFormatOneSubjectMask = 0x700;
 const trunks::TPM_RC kLayerMask = 0xFFFFF000;

 // Returns a known error code or the empty string if unknown.
 std::string GetErrorStringInternal(trunks::TPM_RC error) {
   switch (error) {
     case trunks::TPM_RC_SUCCESS:
       return "TPM_RC_SUCCESS";
     case trunks::TPM_RC_BAD_TAG:
       return "TPM_RC_BAD_TAG";
     case trunks::TPM_RC_INITIALIZE:
       return "TPM_RC_INITIALIZE";
     case trunks::TPM_RC_FAILURE:
       return "TPM_RC_FAILURE";
     case trunks::TPM_RC_SEQUENCE:
       return "TPM_RC_SEQUENCE";
     case trunks::TPM_RC_PRIVATE:
       return "TPM_RC_PRIVATE";
     case trunks::TPM_RC_HMAC:
       return "TPM_RC_HMAC";
     case trunks::TPM_RC_DISABLED:
       return "TPM_RC_DISABLED";
     case trunks::TPM_RC_EXCLUSIVE:
       return "TPM_RC_EXCLUSIVE";
     case trunks::TPM_RC_AUTH_TYPE:
       return "TPM_RC_AUTH_TYPE";
     case trunks::TPM_RC_AUTH_MISSING:
       return "TPM_RC_AUTH_MISSING";
     case trunks::TPM_RC_POLICY:
       return "TPM_RC_POLICY";
     case trunks::TPM_RC_PCR:
       return "TPM_RC_PCR";
     case trunks::TPM_RC_PCR_CHANGED:
       return "TPM_RC_PCR_CHANGED";
     case trunks::TPM_RC_UPGRADE:
       return "TPM_RC_UPGRADE";
     case trunks::TPM_RC_TOO_MANY_CONTEXTS:
       return "TPM_RC_TOO_MANY_CONTEXTS";
     case trunks::TPM_RC_AUTH_UNAVAILABLE:
       return "TPM_RC_AUTH_UNAVAILABLE";
     case trunks::TPM_RC_REBOOT:
       return "TPM_RC_REBOOT";
     case trunks::TPM_RC_UNBALANCED:
       return "TPM_RC_UNBALANCED";
     case trunks::TPM_RC_COMMAND_SIZE:
       return "TPM_RC_COMMAND_SIZE";
     case trunks::TPM_RC_COMMAND_CODE:
       return "TPM_RC_COMMAND_CODE";
     case trunks::TPM_RC_AUTHSIZE:
       return "TPM_RC_AUTHSIZE";
     case trunks::TPM_RC_AUTH_CONTEXT:
       return "TPM_RC_AUTH_CONTEXT";
     case trunks::TPM_RC_NV_RANGE:
       return "TPM_RC_NV_RANGE";
     case trunks::TPM_RC_NV_SIZE:
       return "TPM_RC_NV_SIZE";
     case trunks::TPM_RC_NV_LOCKED:
       return "TPM_RC_NV_LOCKED";
     case trunks::TPM_RC_NV_AUTHORIZATION:
       return "TPM_RC_NV_AUTHORIZATION";
     case trunks::TPM_RC_NV_UNINITIALIZED:
       return "TPM_RC_NV_UNINITIALIZED";
     case trunks::TPM_RC_NV_SPACE:
       return "TPM_RC_NV_SPACE";
     case trunks::TPM_RC_NV_DEFINED:
       return "TPM_RC_NV_DEFINED";
     case trunks::TPM_RC_BAD_CONTEXT:
       return "TPM_RC_BAD_CONTEXT";
     case trunks::TPM_RC_CPHASH:
       return "TPM_RC_CPHASH";
     case trunks::TPM_RC_PARENT:
       return "TPM_RC_PARENT";
     case trunks::TPM_RC_NEEDS_TEST:
       return "TPM_RC_NEEDS_TEST";
     case trunks::TPM_RC_NO_RESULT:
       return "TPM_RC_NO_RESULT";
     case trunks::TPM_RC_SENSITIVE:
       return "TPM_RC_SENSITIVE";
     case trunks::TPM_RC_ASYMMETRIC:
       return "TPM_RC_ASYMMETRIC";
     case trunks::TPM_RC_ATTRIBUTES:
       return "TPM_RC_ATTRIBUTES";
     case trunks::TPM_RC_HASH:
       return "TPM_RC_HASH";
     case trunks::TPM_RC_VALUE:
       return "TPM_RC_VALUE";
     case trunks::TPM_RC_HIERARCHY:
       return "TPM_RC_HIERARCHY";
     case trunks::TPM_RC_KEY_SIZE:
       return "TPM_RC_KEY_SIZE";
     case trunks::TPM_RC_MGF:
       return "TPM_RC_MGF";
     case trunks::TPM_RC_MODE:
       return "TPM_RC_MODE";
     case trunks::TPM_RC_TYPE:
       return "TPM_RC_TYPE";
     case trunks::TPM_RC_HANDLE:
       return "TPM_RC_HANDLE";
     case trunks::TPM_RC_KDF:
       return "TPM_RC_KDF";
     case trunks::TPM_RC_RANGE:
       return "TPM_RC_RANGE";
     case trunks::TPM_RC_AUTH_FAIL:
       return "TPM_RC_AUTH_FAIL";
     case trunks::TPM_RC_NONCE:
       return "TPM_RC_NONCE";
     case trunks::TPM_RC_PP:
       return "TPM_RC_PP";
     case trunks::TPM_RC_SCHEME:
       return "TPM_RC_SCHEME";
     case trunks::TPM_RC_SIZE:
       return "TPM_RC_SIZE";
     case trunks::TPM_RC_SYMMETRIC:
       return "TPM_RC_SYMMETRIC";
     case trunks::TPM_RC_TAG:
       return "TPM_RC_TAG";
     case trunks::TPM_RC_SELECTOR:
       return "TPM_RC_SELECTOR";
     case trunks::TPM_RC_INSUFFICIENT:
       return "TPM_RC_INSUFFICIENT";
     case trunks::TPM_RC_SIGNATURE:
       return "TPM_RC_SIGNATURE";
     case trunks::TPM_RC_KEY:
       return "TPM_RC_KEY";
     case trunks::TPM_RC_POLICY_FAIL:
       return "TPM_RC_POLICY_FAIL";
     case trunks::TPM_RC_INTEGRITY:
       return "TPM_RC_INTEGRITY";
     case trunks::TPM_RC_TICKET:
       return "TPM_RC_TICKET";
     case trunks::TPM_RC_RESERVED_BITS:
       return "TPM_RC_RESERVED_BITS";
     case trunks::TPM_RC_BAD_AUTH:
       return "TPM_RC_BAD_AUTH";
     case trunks::TPM_RC_EXPIRED:
       return "TPM_RC_EXPIRED";
     case trunks::TPM_RC_POLICY_CC:
       return "TPM_RC_POLICY_CC";
     case trunks::TPM_RC_BINDING:
       return "TPM_RC_BINDING";
     case trunks::TPM_RC_CURVE:
       return "TPM_RC_CURVE";
     case trunks::TPM_RC_ECC_POINT:
       return "TPM_RC_ECC_POINT";
     case trunks::TPM_RC_CONTEXT_GAP:
       return "TPM_RC_CONTEXT_GAP";
     case trunks::TPM_RC_OBJECT_MEMORY:
       return "TPM_RC_OBJECT_MEMORY";
     case trunks::TPM_RC_SESSION_MEMORY:
       return "TPM_RC_SESSION_MEMORY";
     case trunks::TPM_RC_MEMORY:
       return "TPM_RC_MEMORY";
     case trunks::TPM_RC_SESSION_HANDLES:
       return "TPM_RC_SESSION_HANDLES";
     case trunks::TPM_RC_OBJECT_HANDLES:
       return "TPM_RC_OBJECT_HANDLES";
     case trunks::TPM_RC_LOCALITY:
       return "TPM_RC_LOCALITY";
     case trunks::TPM_RC_YIELDED:
       return "TPM_RC_YIELDED";
     case trunks::TPM_RC_CANCELED:
       return "TPM_RC_CANCELED";
     case trunks::TPM_RC_TESTING:
       return "TPM_RC_TESTING";
     case trunks::TPM_RC_REFERENCE_H0:
       return "TPM_RC_REFERENCE_H0";
     case trunks::TPM_RC_REFERENCE_H1:
       return "TPM_RC_REFERENCE_H1";
     case trunks::TPM_RC_REFERENCE_H2:
       return "TPM_RC_REFERENCE_H2";
     case trunks::TPM_RC_REFERENCE_H3:
       return "TPM_RC_REFERENCE_H3";
     case trunks::TPM_RC_REFERENCE_H4:
       return "TPM_RC_REFERENCE_H4";
     case trunks::TPM_RC_REFERENCE_H5:
       return "TPM_RC_REFERENCE_H5";
     case trunks::TPM_RC_REFERENCE_H6:
       return "TPM_RC_REFERENCE_H6";
     case trunks::TPM_RC_REFERENCE_S0:
       return "TPM_RC_REFERENCE_S0";
     case trunks::TPM_RC_REFERENCE_S1:
       return "TPM_RC_REFERENCE_S1";
     case trunks::TPM_RC_REFERENCE_S2:
       return "TPM_RC_REFERENCE_S2";
     case trunks::TPM_RC_REFERENCE_S3:
       return "TPM_RC_REFERENCE_S3";
     case trunks::TPM_RC_REFERENCE_S4:
       return "TPM_RC_REFERENCE_S4";
     case trunks::TPM_RC_REFERENCE_S5:
       return "TPM_RC_REFERENCE_S5";
     case trunks::TPM_RC_REFERENCE_S6:
       return "TPM_RC_REFERENCE_S6";
     case trunks::TPM_RC_NV_RATE:
       return "TPM_RC_NV_RATE";
     case trunks::TPM_RC_LOCKOUT:
       return "TPM_RC_LOCKOUT";
     case trunks::TPM_RC_RETRY:
       return "TPM_RC_RETRY";
     case trunks::TPM_RC_NV_UNAVAILABLE:
       return "TPM_RC_NV_UNAVAILABLE";
     case trunks::TPM_RC_NOT_USED:
       return "TPM_RC_NOT_USED";
     case trunks::TRUNKS_RC_AUTHORIZATION_FAILED:
       return "TRUNKS_RC_AUTHORIZATION_FAILED";
     case trunks::TRUNKS_RC_ENCRYPTION_FAILED:
       return "TRUNKS_RC_ENCRYPTION_FAILED";
     case trunks::TRUNKS_RC_READ_ERROR:
       return "TRUNKS_RC_READ_ERROR";
     case trunks::TRUNKS_RC_WRITE_ERROR:
       return "TRUNKS_RC_WRITE_ERROR";
     case trunks::TRUNKS_RC_IPC_ERROR:
       return "TRUNKS_RC_IPC_ERROR";
     case trunks::TRUNKS_RC_SESSION_SETUP_ERROR:
       return "TRUNKS_RC_SESSION_SETUP_ERROR";
     case trunks::TCTI_RC_TRY_AGAIN:
       return "TCTI_RC_TRY_AGAIN";
     case trunks::TCTI_RC_GENERAL_FAILURE:
       return "TCTI_RC_GENERAL_FAILURE";
     case trunks::TCTI_RC_BAD_CONTEXT:
       return "TCTI_RC_BAD_CONTEXT";
     case trunks::TCTI_RC_WRONG_ABI_VERSION:
       return "TCTI_RC_WRONG_ABI_VERSION";
     case trunks::TCTI_RC_NOT_IMPLEMENTED:
       return "TCTI_RC_NOT_IMPLEMENTED";
     case trunks::TCTI_RC_BAD_PARAMETER:
       return "TCTI_RC_BAD_PARAMETER";
     case trunks::TCTI_RC_INSUFFICIENT_BUFFER:
       return "TCTI_RC_INSUFFICIENT_BUFFER";
     case trunks::TCTI_RC_NO_CONNECTION:
       return "TCTI_RC_NO_CONNECTION";
     case trunks::TCTI_RC_DRIVER_NOT_FOUND:
       return "TCTI_RC_DRIVER_NOT_FOUND";
     case trunks::TCTI_RC_DRIVERINFO_NOT_FOUND:
       return "TCTI_RC_DRIVERINFO_NOT_FOUND";
     case trunks::TCTI_RC_NO_RESPONSE:
       return "TCTI_RC_NO_RESPONSE";
     case trunks::TCTI_RC_BAD_VALUE:
       return "TCTI_RC_BAD_VALUE";
     case trunks::SAPI_RC_INVALID_SESSIONS:
       return "SAPI_RC_INVALID_SESSIONS";
     case trunks::SAPI_RC_ABI_MISMATCH:
       return "SAPI_RC_ABI_MISMATCH";
     case trunks::SAPI_RC_INSUFFICIENT_BUFFER:
       return "SAPI_RC_INSUFFICIENT_BUFFER";
     case trunks::SAPI_RC_BAD_PARAMETER:
       return "SAPI_RC_BAD_PARAMETER";
     case trunks::SAPI_RC_BAD_SEQUENCE:
       return "SAPI_RC_BAD_SEQUENCE";
     case trunks::SAPI_RC_NO_DECRYPT_PARAM:
       return "SAPI_RC_NO_DECRYPT_PARAM";
     case trunks::SAPI_RC_NO_ENCRYPT_PARAM:
       return "SAPI_RC_NO_ENCRYPT_PARAM";
     case trunks::SAPI_RC_NO_RESPONSE_RECEIVED:
       return "SAPI_RC_NO_RESPONSE_RECEIVED";
     case trunks::SAPI_RC_BAD_SIZE:
       return "SAPI_RC_BAD_SIZE";
     case trunks::SAPI_RC_CORRUPTED_DATA:
       return "SAPI_RC_CORRUPTED_DATA";
     case trunks::SAPI_RC_INSUFFICIENT_CONTEXT:
       return "SAPI_RC_INSUFFICIENT_CONTEXT";
     case trunks::SAPI_RC_INSUFFICIENT_RESPONSE:
       return "SAPI_RC_INSUFFICIENT_RESPONSE";
     case trunks::SAPI_RC_INCOMPATIBLE_TCTI:
       return "SAPI_RC_INCOMPATIBLE_TCTI";
     case trunks::SAPI_RC_MALFORMED_RESPONSE:
       return "SAPI_RC_MALFORMED_RESPONSE";
     case trunks::SAPI_RC_BAD_TCTI_STRUCTURE:
       return "SAPI_RC_BAD_TCTI_STRUCTURE";
     default:
       return std::string();
   }
   NOTREACHED();
   return std::string();
 }

 bool IsFormatOne(trunks::TPM_RC error) {
   return (error & kLayerMask) == 0 && (error & trunks::RC_FMT1) != 0;
 }

 }  // namespace

 namespace trunks {

 std::string GetErrorString(TPM_RC error) {
   std::string error_string = GetErrorStringInternal(error);
   if (!error_string.empty()) {
     return error_string;
   }
   std::stringstream ss;
   if ((error & kLayerMask) == kResourceManagerTpmErrorBase) {
     error &= ~kLayerMask;
     error_string = GetErrorStringInternal(error);
     ss << "Resource Manager: ";
   }
   // Check if we have a TPM 'Format-One' response code.
   if (IsFormatOne(error)) {
     if (error & TPM_RC_P) {
       ss << "Parameter ";
     } else if (error & TPM_RC_S) {
       ss << "Session ";
     } else {
       ss << "Handle ";
     }
     // Bits 8-10 specify which handle / parameter / session.
     ss << ((error & kFormatOneSubjectMask) >> 8) << ": ";
     // Mask out everything but the format bit and error number.
     error_string = GetErrorStringInternal(error & kFormatOneErrorMask);
     if (!error_string.empty()) {
       ss << error_string;
     }
   }
   if (error_string.empty()) {
     ss << "Unknown error: " << error << " (0x" << std::hex << error << ")";
   }
   return ss.str();
 }

 TPM_RC GetFormatOneError(TPM_RC error) {
   if (IsFormatOne(error)) {
     return (error & kFormatOneErrorMask);
   }
   return error;
 }

 std::string CreateErrorResponse(TPM_RC error_code) {
   const uint32_t kErrorResponseSize = 10;
   std::string response;
   CHECK_EQ(Serialize_TPM_ST(TPM_ST_NO_SESSIONS, &response), TPM_RC_SUCCESS);
   CHECK_EQ(Serialize_UINT32(kErrorResponseSize, &response), TPM_RC_SUCCESS);
   CHECK_EQ(Serialize_TPM_RC(error_code, &response), TPM_RC_SUCCESS);
   return response;
 }

 }  // namespace trunks
	//
	// Copyright (C) 2014 The Android Open Source Project
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//

	#include "trunks/error_codes.h"

	#include <sstream>
	#include <string>

	#include <base/logging.h>

	namespace {

	// Masks out the P and N bits (see TPM 2.0 Part 2 Table 14).
	const trunks::TPM_RC kFormatOneErrorMask = 0x0BF;
	// Selects just the N bits that identify the subject index.
	const trunks::TPM_RC kFormatOneSubjectMask = 0x700;
	const trunks::TPM_RC kLayerMask = 0xFFFFF000;

	// Returns a known error code or the empty string if unknown.
	std::string GetErrorStringInternal(trunks::TPM_RC error) {
	switch (error) {
	case trunks::TPM_RC_SUCCESS:
	return "TPM_RC_SUCCESS";
	case trunks::TPM_RC_BAD_TAG:
	return "TPM_RC_BAD_TAG";
	case trunks::TPM_RC_INITIALIZE:
	return "TPM_RC_INITIALIZE";
	case trunks::TPM_RC_FAILURE:
	return "TPM_RC_FAILURE";
	case trunks::TPM_RC_SEQUENCE:
	return "TPM_RC_SEQUENCE";
	case trunks::TPM_RC_PRIVATE:
	return "TPM_RC_PRIVATE";
	case trunks::TPM_RC_HMAC:
	return "TPM_RC_HMAC";
	case trunks::TPM_RC_DISABLED:
	return "TPM_RC_DISABLED";
	case trunks::TPM_RC_EXCLUSIVE:
	return "TPM_RC_EXCLUSIVE";
	case trunks::TPM_RC_AUTH_TYPE:
	return "TPM_RC_AUTH_TYPE";
	case trunks::TPM_RC_AUTH_MISSING:
	return "TPM_RC_AUTH_MISSING";
	case trunks::TPM_RC_POLICY:
	return "TPM_RC_POLICY";
	case trunks::TPM_RC_PCR:
	return "TPM_RC_PCR";
	case trunks::TPM_RC_PCR_CHANGED:
	return "TPM_RC_PCR_CHANGED";
	case trunks::TPM_RC_UPGRADE:
	return "TPM_RC_UPGRADE";
	case trunks::TPM_RC_TOO_MANY_CONTEXTS:
	return "TPM_RC_TOO_MANY_CONTEXTS";
	case trunks::TPM_RC_AUTH_UNAVAILABLE:
	return "TPM_RC_AUTH_UNAVAILABLE";
	case trunks::TPM_RC_REBOOT:
	return "TPM_RC_REBOOT";
	case trunks::TPM_RC_UNBALANCED:
	return "TPM_RC_UNBALANCED";
	case trunks::TPM_RC_COMMAND_SIZE:
	return "TPM_RC_COMMAND_SIZE";
	case trunks::TPM_RC_COMMAND_CODE:
	return "TPM_RC_COMMAND_CODE";
	case trunks::TPM_RC_AUTHSIZE:
	return "TPM_RC_AUTHSIZE";
	case trunks::TPM_RC_AUTH_CONTEXT:
	return "TPM_RC_AUTH_CONTEXT";
	case trunks::TPM_RC_NV_RANGE:
	return "TPM_RC_NV_RANGE";
	case trunks::TPM_RC_NV_SIZE:
	return "TPM_RC_NV_SIZE";
	case trunks::TPM_RC_NV_LOCKED:
	return "TPM_RC_NV_LOCKED";
	case trunks::TPM_RC_NV_AUTHORIZATION:
	return "TPM_RC_NV_AUTHORIZATION";
	case trunks::TPM_RC_NV_UNINITIALIZED:
	return "TPM_RC_NV_UNINITIALIZED";
	case trunks::TPM_RC_NV_SPACE:
	return "TPM_RC_NV_SPACE";
	case trunks::TPM_RC_NV_DEFINED:
	return "TPM_RC_NV_DEFINED";
	case trunks::TPM_RC_BAD_CONTEXT:
	return "TPM_RC_BAD_CONTEXT";
	case trunks::TPM_RC_CPHASH:
	return "TPM_RC_CPHASH";
	case trunks::TPM_RC_PARENT:
	return "TPM_RC_PARENT";
	case trunks::TPM_RC_NEEDS_TEST:
	return "TPM_RC_NEEDS_TEST";
	case trunks::TPM_RC_NO_RESULT:
	return "TPM_RC_NO_RESULT";
	case trunks::TPM_RC_SENSITIVE:
	return "TPM_RC_SENSITIVE";
	case trunks::TPM_RC_ASYMMETRIC:
	return "TPM_RC_ASYMMETRIC";
	case trunks::TPM_RC_ATTRIBUTES:
	return "TPM_RC_ATTRIBUTES";
	case trunks::TPM_RC_HASH:
	return "TPM_RC_HASH";
	case trunks::TPM_RC_VALUE:
	return "TPM_RC_VALUE";
	case trunks::TPM_RC_HIERARCHY:
	return "TPM_RC_HIERARCHY";
	case trunks::TPM_RC_KEY_SIZE:
	return "TPM_RC_KEY_SIZE";
	case trunks::TPM_RC_MGF:
	return "TPM_RC_MGF";
	case trunks::TPM_RC_MODE:
	return "TPM_RC_MODE";
	case trunks::TPM_RC_TYPE:
	return "TPM_RC_TYPE";
	case trunks::TPM_RC_HANDLE:
	return "TPM_RC_HANDLE";
	case trunks::TPM_RC_KDF:
	return "TPM_RC_KDF";
	case trunks::TPM_RC_RANGE:
	return "TPM_RC_RANGE";
	case trunks::TPM_RC_AUTH_FAIL:
	return "TPM_RC_AUTH_FAIL";
	case trunks::TPM_RC_NONCE:
	return "TPM_RC_NONCE";
	case trunks::TPM_RC_PP:
	return "TPM_RC_PP";
	case trunks::TPM_RC_SCHEME:
	return "TPM_RC_SCHEME";
	case trunks::TPM_RC_SIZE:
	return "TPM_RC_SIZE";
	case trunks::TPM_RC_SYMMETRIC:
	return "TPM_RC_SYMMETRIC";
	case trunks::TPM_RC_TAG:
	return "TPM_RC_TAG";
	case trunks::TPM_RC_SELECTOR:
	return "TPM_RC_SELECTOR";
	case trunks::TPM_RC_INSUFFICIENT:
	return "TPM_RC_INSUFFICIENT";
	case trunks::TPM_RC_SIGNATURE:
	return "TPM_RC_SIGNATURE";
	case trunks::TPM_RC_KEY:
	return "TPM_RC_KEY";
	case trunks::TPM_RC_POLICY_FAIL:
	return "TPM_RC_POLICY_FAIL";
	case trunks::TPM_RC_INTEGRITY:
	return "TPM_RC_INTEGRITY";
	case trunks::TPM_RC_TICKET:
	return "TPM_RC_TICKET";
	case trunks::TPM_RC_RESERVED_BITS:
	return "TPM_RC_RESERVED_BITS";
	case trunks::TPM_RC_BAD_AUTH:
	return "TPM_RC_BAD_AUTH";
	case trunks::TPM_RC_EXPIRED:
	return "TPM_RC_EXPIRED";
	case trunks::TPM_RC_POLICY_CC:
	return "TPM_RC_POLICY_CC";
	case trunks::TPM_RC_BINDING:
	return "TPM_RC_BINDING";
	case trunks::TPM_RC_CURVE:
	return "TPM_RC_CURVE";
	case trunks::TPM_RC_ECC_POINT:
	return "TPM_RC_ECC_POINT";
	case trunks::TPM_RC_CONTEXT_GAP:
	return "TPM_RC_CONTEXT_GAP";
	case trunks::TPM_RC_OBJECT_MEMORY:
	return "TPM_RC_OBJECT_MEMORY";
	case trunks::TPM_RC_SESSION_MEMORY:
	return "TPM_RC_SESSION_MEMORY";
	case trunks::TPM_RC_MEMORY:
	return "TPM_RC_MEMORY";
	case trunks::TPM_RC_SESSION_HANDLES:
	return "TPM_RC_SESSION_HANDLES";
	case trunks::TPM_RC_OBJECT_HANDLES:
	return "TPM_RC_OBJECT_HANDLES";
	case trunks::TPM_RC_LOCALITY:
	return "TPM_RC_LOCALITY";
	case trunks::TPM_RC_YIELDED:
	return "TPM_RC_YIELDED";
	case trunks::TPM_RC_CANCELED:
	return "TPM_RC_CANCELED";
	case trunks::TPM_RC_TESTING:
	return "TPM_RC_TESTING";
	case trunks::TPM_RC_REFERENCE_H0:
	return "TPM_RC_REFERENCE_H0";
	case trunks::TPM_RC_REFERENCE_H1:
	return "TPM_RC_REFERENCE_H1";
	case trunks::TPM_RC_REFERENCE_H2:
	return "TPM_RC_REFERENCE_H2";
	case trunks::TPM_RC_REFERENCE_H3:
	return "TPM_RC_REFERENCE_H3";
	case trunks::TPM_RC_REFERENCE_H4:
	return "TPM_RC_REFERENCE_H4";
	case trunks::TPM_RC_REFERENCE_H5:
	return "TPM_RC_REFERENCE_H5";
	case trunks::TPM_RC_REFERENCE_H6:
	return "TPM_RC_REFERENCE_H6";
	case trunks::TPM_RC_REFERENCE_S0:
	return "TPM_RC_REFERENCE_S0";
	case trunks::TPM_RC_REFERENCE_S1:
	return "TPM_RC_REFERENCE_S1";
	case trunks::TPM_RC_REFERENCE_S2:
	return "TPM_RC_REFERENCE_S2";
	case trunks::TPM_RC_REFERENCE_S3:
	return "TPM_RC_REFERENCE_S3";
	case trunks::TPM_RC_REFERENCE_S4:
	return "TPM_RC_REFERENCE_S4";
	case trunks::TPM_RC_REFERENCE_S5:
	return "TPM_RC_REFERENCE_S5";
	case trunks::TPM_RC_REFERENCE_S6:
	return "TPM_RC_REFERENCE_S6";
	case trunks::TPM_RC_NV_RATE:
	return "TPM_RC_NV_RATE";
	case trunks::TPM_RC_LOCKOUT:
	return "TPM_RC_LOCKOUT";
	case trunks::TPM_RC_RETRY:
	return "TPM_RC_RETRY";
	case trunks::TPM_RC_NV_UNAVAILABLE:
	return "TPM_RC_NV_UNAVAILABLE";
	case trunks::TPM_RC_NOT_USED:
	return "TPM_RC_NOT_USED";
	case trunks::TRUNKS_RC_AUTHORIZATION_FAILED:
	return "TRUNKS_RC_AUTHORIZATION_FAILED";
	case trunks::TRUNKS_RC_ENCRYPTION_FAILED:
	return "TRUNKS_RC_ENCRYPTION_FAILED";
	case trunks::TRUNKS_RC_READ_ERROR:
	return "TRUNKS_RC_READ_ERROR";
	case trunks::TRUNKS_RC_WRITE_ERROR:
	return "TRUNKS_RC_WRITE_ERROR";
	case trunks::TRUNKS_RC_IPC_ERROR:
	return "TRUNKS_RC_IPC_ERROR";
	case trunks::TRUNKS_RC_SESSION_SETUP_ERROR:
	return "TRUNKS_RC_SESSION_SETUP_ERROR";
	case trunks::TCTI_RC_TRY_AGAIN:
	return "TCTI_RC_TRY_AGAIN";
	case trunks::TCTI_RC_GENERAL_FAILURE:
	return "TCTI_RC_GENERAL_FAILURE";
	case trunks::TCTI_RC_BAD_CONTEXT:
	return "TCTI_RC_BAD_CONTEXT";
	case trunks::TCTI_RC_WRONG_ABI_VERSION:
	return "TCTI_RC_WRONG_ABI_VERSION";
	case trunks::TCTI_RC_NOT_IMPLEMENTED:
	return "TCTI_RC_NOT_IMPLEMENTED";
	case trunks::TCTI_RC_BAD_PARAMETER:
	return "TCTI_RC_BAD_PARAMETER";
	case trunks::TCTI_RC_INSUFFICIENT_BUFFER:
	return "TCTI_RC_INSUFFICIENT_BUFFER";
	case trunks::TCTI_RC_NO_CONNECTION:
	return "TCTI_RC_NO_CONNECTION";
	case trunks::TCTI_RC_DRIVER_NOT_FOUND:
	return "TCTI_RC_DRIVER_NOT_FOUND";
	case trunks::TCTI_RC_DRIVERINFO_NOT_FOUND:
	return "TCTI_RC_DRIVERINFO_NOT_FOUND";
	case trunks::TCTI_RC_NO_RESPONSE:
	return "TCTI_RC_NO_RESPONSE";
	case trunks::TCTI_RC_BAD_VALUE:
	return "TCTI_RC_BAD_VALUE";
	case trunks::SAPI_RC_INVALID_SESSIONS:
	return "SAPI_RC_INVALID_SESSIONS";
	case trunks::SAPI_RC_ABI_MISMATCH:
	return "SAPI_RC_ABI_MISMATCH";
	case trunks::SAPI_RC_INSUFFICIENT_BUFFER:
	return "SAPI_RC_INSUFFICIENT_BUFFER";
	case trunks::SAPI_RC_BAD_PARAMETER:
	return "SAPI_RC_BAD_PARAMETER";
	case trunks::SAPI_RC_BAD_SEQUENCE:
	return "SAPI_RC_BAD_SEQUENCE";
	case trunks::SAPI_RC_NO_DECRYPT_PARAM:
	return "SAPI_RC_NO_DECRYPT_PARAM";
	case trunks::SAPI_RC_NO_ENCRYPT_PARAM:
	return "SAPI_RC_NO_ENCRYPT_PARAM";
	case trunks::SAPI_RC_NO_RESPONSE_RECEIVED:
	return "SAPI_RC_NO_RESPONSE_RECEIVED";
	case trunks::SAPI_RC_BAD_SIZE:
	return "SAPI_RC_BAD_SIZE";
	case trunks::SAPI_RC_CORRUPTED_DATA:
	return "SAPI_RC_CORRUPTED_DATA";
	case trunks::SAPI_RC_INSUFFICIENT_CONTEXT:
	return "SAPI_RC_INSUFFICIENT_CONTEXT";
	case trunks::SAPI_RC_INSUFFICIENT_RESPONSE:
	return "SAPI_RC_INSUFFICIENT_RESPONSE";
	case trunks::SAPI_RC_INCOMPATIBLE_TCTI:
	return "SAPI_RC_INCOMPATIBLE_TCTI";
	case trunks::SAPI_RC_MALFORMED_RESPONSE:
	return "SAPI_RC_MALFORMED_RESPONSE";
	case trunks::SAPI_RC_BAD_TCTI_STRUCTURE:
	return "SAPI_RC_BAD_TCTI_STRUCTURE";
	default:
	return std::string();
	}
	NOTREACHED();
	return std::string();
	}

	bool IsFormatOne(trunks::TPM_RC error) {
	return (error & kLayerMask) == 0 && (error & trunks::RC_FMT1) != 0;
	}

	} // namespace

	namespace trunks {

	std::string GetErrorString(TPM_RC error) {
	std::string error_string = GetErrorStringInternal(error);
	if (!error_string.empty()) {
	return error_string;
	}
	std::stringstream ss;
	if ((error & kLayerMask) == kResourceManagerTpmErrorBase) {
	error &= ~kLayerMask;
	error_string = GetErrorStringInternal(error);
	ss << "Resource Manager: ";
	}
	// Check if we have a TPM 'Format-One' response code.
	if (IsFormatOne(error)) {
	if (error & TPM_RC_P) {
	ss << "Parameter ";
	} else if (error & TPM_RC_S) {
	ss << "Session ";
	} else {
	ss << "Handle ";
	}
	// Bits 8-10 specify which handle / parameter / session.
	ss << ((error & kFormatOneSubjectMask) >> 8) << ": ";
	// Mask out everything but the format bit and error number.
	error_string = GetErrorStringInternal(error & kFormatOneErrorMask);
	if (!error_string.empty()) {
	ss << error_string;
	}
	}
	if (error_string.empty()) {
	ss << "Unknown error: " << error << " (0x" << std::hex << error << ")";
	}
	return ss.str();
	}

	TPM_RC GetFormatOneError(TPM_RC error) {
	if (IsFormatOne(error)) {
	return (error & kFormatOneErrorMask);
	}
	return error;
	}

	std::string CreateErrorResponse(TPM_RC error_code) {
	const uint32_t kErrorResponseSize = 10;
	std::string response;
	CHECK_EQ(Serialize_TPM_ST(TPM_ST_NO_SESSIONS, &response), TPM_RC_SUCCESS);
	CHECK_EQ(Serialize_UINT32(kErrorResponseSize, &response), TPM_RC_SUCCESS);
	CHECK_EQ(Serialize_TPM_RC(error_code, &response), TPM_RC_SUCCESS);
	return response;
	}

	} // namespace trunks