projects / thirdparty / systemd.git / blame
| Commit | Line | Data |
|---|---|---|
| 18843ecc LP |
1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
| 2 | #pragma once | |
| 3 | ||
| 4 | #include <sys/types.h> | |
| 5 | ||
| bea344a1 | 6 | #include "ask-password-api.h" |
| 18843ecc LP |
7 | #include "cryptsetup-util.h" |
| 8 | #include "log.h" | |
| 9 | #include "time-util.h" | |
| bea344a1 | 10 | #include "tpm2-util.h" |
| 18843ecc LP |
11 | |
| 12 | #if HAVE_TPM2 | |
| 13 | ||
| 14 | int acquire_tpm2_key( | |
| 15 | const char *volume_name, | |
| 16 | const char *device, | |
| dc63b2c9 | 17 | uint32_t hash_pcr_mask, |
| 07697bfe | 18 | uint16_t pcr_bank, |
| dc63b2c9 LP |
19 | const void *pubkey, |
| 20 | size_t pubkey_size, | |
| 21 | uint32_t pubkey_pcr_mask, | |
| 22 | const char *signature_path, | |
| 2b92a672 | 23 | uint16_t primary_alg, |
| 18843ecc LP |
24 | const char *key_file, |
| 25 | size_t key_file_size, | |
| 26 | uint64_t key_file_offset, | |
| 27 | const void *key_data, | |
| 28 | size_t key_data_size, | |
| 29 | const void *policy_hash, | |
| 30 | size_t policy_hash_size, | |
| aae6eb96 WR |
31 | const void *salt, |
| 32 | size_t salt_size, | |
| bea344a1 GG |
33 | TPM2Flags flags, |
| 34 | usec_t until, | |
| 35 | bool headless, | |
| 36 | AskPasswordFlags ask_password_flags, | |
| 18843ecc LP |
37 | void **ret_decrypted_key, |
| 38 | size_t *ret_decrypted_key_size); | |
| 39 | ||
| 40 | int find_tpm2_auto_data( | |
| 41 | struct crypt_device *cd, | |
| 42 | uint32_t search_pcr_mask, | |
| 43 | int start_token, | |
| dc63b2c9 | 44 | uint32_t *ret_hash_pcr_mask, |
| 07697bfe | 45 | uint16_t *ret_pcr_bank, |
| dc63b2c9 LP |
46 | void **ret_pubkey, |
| 47 | size_t *ret_pubkey_size, | |
| 48 | uint32_t *ret_pubkey_pcr_mask, | |
| 2b92a672 | 49 | uint16_t *ret_primary_alg, |
| 18843ecc LP |
50 | void **ret_blob, |
| 51 | size_t *ret_blob_size, | |
| 52 | void **ret_policy_hash, | |
| 53 | size_t *ret_policy_hash_size, | |
| aae6eb96 WR |
54 | void **ret_salt, |
| 55 | size_t *ret_salt_size, | |
| fdf6c27c | 56 | TPM2Flags *ret_flags, |
| 18843ecc | 57 | int *ret_keyslot, |
| fdf6c27c | 58 | int *ret_token); |
| 18843ecc LP |
59 | |
| 60 | #else | |
| 61 | ||
| 62 | static inline int acquire_tpm2_key( | |
| 63 | const char *volume_name, | |
| 64 | const char *device, | |
| dc63b2c9 | 65 | uint32_t hash_pcr_mask, |
| 07697bfe | 66 | uint16_t pcr_bank, |
| dc63b2c9 LP |
67 | const void *pubkey, |
| 68 | size_t pubkey_size, | |
| 69 | uint32_t pubkey_pcr_mask, | |
| 70 | const char *signature_path, | |
| 2b92a672 | 71 | uint16_t primary_alg, |
| 18843ecc LP |
72 | const char *key_file, |
| 73 | size_t key_file_size, | |
| 74 | uint64_t key_file_offset, | |
| 75 | const void *key_data, | |
| 76 | size_t key_data_size, | |
| 77 | const void *policy_hash, | |
| 78 | size_t policy_hash_size, | |
| aae6eb96 WR |
79 | const void *salt, |
| 80 | size_t salt_size, | |
| bea344a1 GG |
81 | TPM2Flags flags, |
| 82 | usec_t until, | |
| 83 | bool headless, | |
| 84 | AskPasswordFlags ask_password_flags, | |
| 18843ecc LP |
85 | void **ret_decrypted_key, |
| 86 | size_t *ret_decrypted_key_size) { | |
| 87 | ||
| 88 | return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), | |
| 89 | "TPM2 support not available."); | |
| 90 | } | |
| 91 | ||
| 92 | static inline int find_tpm2_auto_data( | |
| 93 | struct crypt_device *cd, | |
| 94 | uint32_t search_pcr_mask, | |
| 95 | int start_token, | |
| dc63b2c9 | 96 | uint32_t *ret_hash_pcr_mask, |
| 07697bfe | 97 | uint16_t *ret_pcr_bank, |
| dc63b2c9 LP |
98 | void **ret_pubkey, |
| 99 | size_t *ret_pubkey_size, | |
| 100 | uint32_t *ret_pubkey_pcr_mask, | |
| 2b92a672 | 101 | uint16_t *ret_primary_alg, |
| 18843ecc LP |
102 | void **ret_blob, |
| 103 | size_t *ret_blob_size, | |
| 104 | void **ret_policy_hash, | |
| 105 | size_t *ret_policy_hash_size, | |
| aae6eb96 WR |
106 | void **ret_salt, |
| 107 | size_t *ret_salt_size, | |
| fdf6c27c | 108 | TPM2Flags *ret_flags, |
| 18843ecc | 109 | int *ret_keyslot, |
| fdf6c27c | 110 | int *ret_token) { |
| 18843ecc LP |
111 | |
| 112 | return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), | |
| 113 | "TPM2 support not available."); | |
| 114 | } | |
| 115 | ||
| 116 | #endif |