projects / thirdparty / systemd.git / blame
| Commit | Line | Data |
|---|---|---|
| 18843ecc LP |
1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
| 2 | #pragma once | |
| 3 | ||
| 4 | #include <sys/types.h> | |
| 5 | ||
| bea344a1 | 6 | #include "ask-password-api.h" |
| 18843ecc LP |
7 | #include "cryptsetup-util.h" |
| 8 | #include "log.h" | |
| 9 | #include "time-util.h" | |
| bea344a1 | 10 | #include "tpm2-util.h" |
| 18843ecc LP |
11 | |
| 12 | #if HAVE_TPM2 | |
| 13 | ||
| 14 | int acquire_tpm2_key( | |
| 15 | const char *volume_name, | |
| 16 | const char *device, | |
| dc63b2c9 | 17 | uint32_t hash_pcr_mask, |
| 07697bfe | 18 | uint16_t pcr_bank, |
| 8d042bc4 | 19 | const struct iovec *pubkey, |
| dc63b2c9 LP |
20 | uint32_t pubkey_pcr_mask, |
| 21 | const char *signature_path, | |
| 404aea78 | 22 | const char *pcrlock_path, |
| 2b92a672 | 23 | uint16_t primary_alg, |
| 18843ecc LP |
24 | const char *key_file, |
| 25 | size_t key_file_size, | |
| 26 | uint64_t key_file_offset, | |
| 8d042bc4 LP |
27 | const struct iovec *key_data, |
| 28 | const struct iovec *policy_hash, | |
| 29 | const struct iovec *salt, | |
| 30 | const struct iovec *srk, | |
| bea344a1 GG |
31 | TPM2Flags flags, |
| 32 | usec_t until, | |
| 33 | bool headless, | |
| 34 | AskPasswordFlags ask_password_flags, | |
| 8d042bc4 | 35 | struct iovec *ret_decrypted_key); |
| 18843ecc LP |
36 | |
| 37 | int find_tpm2_auto_data( | |
| 38 | struct crypt_device *cd, | |
| 39 | uint32_t search_pcr_mask, | |
| 40 | int start_token, | |
| dc63b2c9 | 41 | uint32_t *ret_hash_pcr_mask, |
| 07697bfe | 42 | uint16_t *ret_pcr_bank, |
| 8d042bc4 | 43 | struct iovec *ret_pubkey, |
| dc63b2c9 | 44 | uint32_t *ret_pubkey_pcr_mask, |
| 2b92a672 | 45 | uint16_t *ret_primary_alg, |
| 8d042bc4 LP |
46 | struct iovec *ret_blob, |
| 47 | struct iovec *ret_policy_hash, | |
| 48 | struct iovec *ret_salt, | |
| 49 | struct iovec *ret_srk, | |
| fdf6c27c | 50 | TPM2Flags *ret_flags, |
| 18843ecc | 51 | int *ret_keyslot, |
| fdf6c27c | 52 | int *ret_token); |
| 18843ecc LP |
53 | |
| 54 | #else | |
| 55 | ||
| 56 | static inline int acquire_tpm2_key( | |
| 57 | const char *volume_name, | |
| 58 | const char *device, | |
| dc63b2c9 | 59 | uint32_t hash_pcr_mask, |
| 07697bfe | 60 | uint16_t pcr_bank, |
| 8d042bc4 | 61 | const struct iovec *pubkey, |
| dc63b2c9 LP |
62 | uint32_t pubkey_pcr_mask, |
| 63 | const char *signature_path, | |
| 404aea78 | 64 | const char *pcrlock_path, |
| 2b92a672 | 65 | uint16_t primary_alg, |
| 18843ecc LP |
66 | const char *key_file, |
| 67 | size_t key_file_size, | |
| 68 | uint64_t key_file_offset, | |
| 8d042bc4 LP |
69 | const struct iovec *key_data, |
| 70 | const struct iovec *policy_hash, | |
| 71 | const struct iovec *salt, | |
| 72 | const struct iovec *srk, | |
| bea344a1 GG |
73 | TPM2Flags flags, |
| 74 | usec_t until, | |
| 75 | bool headless, | |
| 76 | AskPasswordFlags ask_password_flags, | |
| 8d042bc4 | 77 | struct iovec *ret_decrypted_key) { |
| 18843ecc LP |
78 | |
| 79 | return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), | |
| 80 | "TPM2 support not available."); | |
| 81 | } | |
| 82 | ||
| 83 | static inline int find_tpm2_auto_data( | |
| 84 | struct crypt_device *cd, | |
| 85 | uint32_t search_pcr_mask, | |
| 86 | int start_token, | |
| dc63b2c9 | 87 | uint32_t *ret_hash_pcr_mask, |
| 07697bfe | 88 | uint16_t *ret_pcr_bank, |
| 8d042bc4 | 89 | struct iovec *ret_pubkey, |
| dc63b2c9 | 90 | uint32_t *ret_pubkey_pcr_mask, |
| 2b92a672 | 91 | uint16_t *ret_primary_alg, |
| 8d042bc4 LP |
92 | struct iovec *ret_blob, |
| 93 | struct iovec *ret_policy_hash, | |
| 94 | struct iovec *ret_salt, | |
| 95 | struct iovec *ret_srk, | |
| fdf6c27c | 96 | TPM2Flags *ret_flags, |
| 18843ecc | 97 | int *ret_keyslot, |
| fdf6c27c | 98 | int *ret_token) { |
| 18843ecc LP |
99 | |
| 100 | return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), | |
| 101 | "TPM2 support not available."); | |
| 102 | } | |
| 103 | ||
| 104 | #endif |