[thirdparty/systemd.git] / src / shared / cryptsetup-tpm2.h

/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once

#include <sys/types.h>

#include "ask-password-api.h"
#include "cryptsetup-util.h"
#include "log.h"
#include "time-util.h"
#include "tpm2-util.h"

#if HAVE_TPM2

int acquire_tpm2_key(
                const char *volume_name,
                const char *device,
                uint32_t hash_pcr_mask,
                uint16_t pcr_bank,
                const struct iovec *pubkey,
                uint32_t pubkey_pcr_mask,
                const char *signature_path,
                const char *pcrlock_path,
                uint16_t primary_alg,
                const char *key_file,
                size_t key_file_size,
                uint64_t key_file_offset,
                const struct iovec blobs[],
                size_t n_blobs,
                const struct iovec policy_hash[],
                size_t n_policy_hash,
                const struct iovec *salt,
                const struct iovec *srk,
                const struct iovec *pcrlock_nv,
                TPM2Flags flags,
                usec_t until,
                const char *askpw_credential,
                AskPasswordFlags askpw_flags,
                struct iovec *ret_decrypted_key);

int find_tpm2_auto_data(
                struct crypt_device *cd,
                uint32_t search_pcr_mask,
                int start_token,
                uint32_t *ret_hash_pcr_mask,
                uint16_t *ret_pcr_bank,
                struct iovec *ret_pubkey,
                uint32_t *ret_pubkey_pcr_mask,
                uint16_t *ret_primary_alg,
                struct iovec **ret_blobs,
                size_t *ret_n_blobs,
                struct iovec **ret_policy_hash,
                size_t *ret_n_policy_hash,
                struct iovec *ret_salt,
                struct iovec *ret_srk,
                struct iovec *ret_pcrlock_nv,
                TPM2Flags *ret_flags,
                int *ret_keyslot,
                int *ret_token);

#else

static inline int acquire_tpm2_key(
                const char *volume_name,
                const char *device,
                uint32_t hash_pcr_mask,
                uint16_t pcr_bank,
                const struct iovec *pubkey,
                uint32_t pubkey_pcr_mask,
                const char *signature_path,
                const char *pcrlock_path,
                uint16_t primary_alg,
                const char *key_file,
                size_t key_file_size,
                uint64_t key_file_offset,
                const struct iovec blobs[],
                size_t n_blobs,
                const struct iovec policy_hash[],
                size_t n_policy_hash,
                const struct iovec *salt,
                const struct iovec *srk,
                const struct iovec *pcrlock_nv,
                TPM2Flags flags,
                usec_t until,
                const char *askpw_credential,
                AskPasswordFlags askpw_flags,
                struct iovec *ret_decrypted_key) {

        return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
                               "TPM2 support not available.");
}

static inline int find_tpm2_auto_data(
                struct crypt_device *cd,
                uint32_t search_pcr_mask,
                int start_token,
                uint32_t *ret_hash_pcr_mask,
                uint16_t *ret_pcr_bank,
                struct iovec *ret_pubkey,
                uint32_t *ret_pubkey_pcr_mask,
                uint16_t *ret_primary_alg,
                struct iovec **ret_blobs,
                size_t *ret_n_blobs,
                struct iovec **ret_policy_hash,
                size_t *ret_n_policy_hash,
                struct iovec *ret_salt,
                struct iovec *ret_srk,
                struct iovec *ret_pcrlock_nv,
                TPM2Flags *ret_flags,
                int *ret_keyslot,
                int *ret_token) {

        return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
                               "TPM2 support not available.");
}

#endif
Commit	Line	Data
18843ecc LP	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
	2	#pragma once
	3
	4	#include <sys/types.h>
	5
bea344a1	6	#include "ask-password-api.h"
18843ecc LP	7	#include "cryptsetup-util.h"
	8	#include "log.h"
	9	#include "time-util.h"
bea344a1	10	#include "tpm2-util.h"
18843ecc LP	11
	12	#if HAVE_TPM2
	13
	14	int acquire_tpm2_key(
	15	const char *volume_name,
	16	const char *device,
dc63b2c9	17	uint32_t hash_pcr_mask,
07697bfe	18	uint16_t pcr_bank,
8d042bc4	19	const struct iovec *pubkey,
dc63b2c9 LP	20	uint32_t pubkey_pcr_mask,
dc63b2c9 LP	21	const char *signature_path,
404aea78	22	const char *pcrlock_path,
2b92a672	23	uint16_t primary_alg,
18843ecc LP	24	const char *key_file,
	25	size_t key_file_size,
	26	uint64_t key_file_offset,
8e658767 LP	27	const struct iovec blobs[],
	28	size_t n_blobs,
	29	const struct iovec policy_hash[],
	30	size_t n_policy_hash,
8d042bc4 LP	31	const struct iovec *salt,
8d042bc4 LP	32	const struct iovec *srk,
d37c312b	33	const struct iovec *pcrlock_nv,
bea344a1 GG	34	TPM2Flags flags,
bea344a1 GG	35	usec_t until,
b3a63584 LP	36	const char *askpw_credential,
b3a63584 LP	37	AskPasswordFlags askpw_flags,
8d042bc4	38	struct iovec *ret_decrypted_key);
18843ecc LP	39
	40	int find_tpm2_auto_data(
	41	struct crypt_device *cd,
	42	uint32_t search_pcr_mask,
	43	int start_token,
dc63b2c9	44	uint32_t *ret_hash_pcr_mask,
07697bfe	45	uint16_t *ret_pcr_bank,
8d042bc4	46	struct iovec *ret_pubkey,
dc63b2c9	47	uint32_t *ret_pubkey_pcr_mask,
2b92a672	48	uint16_t *ret_primary_alg,
8e658767 LP	49	struct iovec **ret_blobs,
	50	size_t *ret_n_blobs,
	51	struct iovec **ret_policy_hash,
	52	size_t *ret_n_policy_hash,
8d042bc4 LP	53	struct iovec *ret_salt,
8d042bc4 LP	54	struct iovec *ret_srk,
d37c312b	55	struct iovec *ret_pcrlock_nv,
fdf6c27c	56	TPM2Flags *ret_flags,
18843ecc	57	int *ret_keyslot,
fdf6c27c	58	int *ret_token);
18843ecc LP	59
	60	#else
	61
	62	static inline int acquire_tpm2_key(
	63	const char *volume_name,
	64	const char *device,
dc63b2c9	65	uint32_t hash_pcr_mask,
07697bfe	66	uint16_t pcr_bank,
8d042bc4	67	const struct iovec *pubkey,
dc63b2c9 LP	68	uint32_t pubkey_pcr_mask,
dc63b2c9 LP	69	const char *signature_path,
404aea78	70	const char *pcrlock_path,
2b92a672	71	uint16_t primary_alg,
18843ecc LP	72	const char *key_file,
	73	size_t key_file_size,
	74	uint64_t key_file_offset,
8e658767 LP	75	const struct iovec blobs[],
	76	size_t n_blobs,
	77	const struct iovec policy_hash[],
	78	size_t n_policy_hash,
8d042bc4 LP	79	const struct iovec *salt,
8d042bc4 LP	80	const struct iovec *srk,
d37c312b	81	const struct iovec *pcrlock_nv,
bea344a1 GG	82	TPM2Flags flags,
bea344a1 GG	83	usec_t until,
b3a63584 LP	84	const char *askpw_credential,
b3a63584 LP	85	AskPasswordFlags askpw_flags,
8d042bc4	86	struct iovec *ret_decrypted_key) {
18843ecc LP	87
	88	return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
	89	"TPM2 support not available.");
	90	}
	91
	92	static inline int find_tpm2_auto_data(
	93	struct crypt_device *cd,
	94	uint32_t search_pcr_mask,
	95	int start_token,
dc63b2c9	96	uint32_t *ret_hash_pcr_mask,
07697bfe	97	uint16_t *ret_pcr_bank,
8d042bc4	98	struct iovec *ret_pubkey,
dc63b2c9	99	uint32_t *ret_pubkey_pcr_mask,
2b92a672	100	uint16_t *ret_primary_alg,
8e658767 LP	101	struct iovec **ret_blobs,
	102	size_t *ret_n_blobs,
	103	struct iovec **ret_policy_hash,
	104	size_t *ret_n_policy_hash,
8d042bc4 LP	105	struct iovec *ret_salt,
8d042bc4 LP	106	struct iovec *ret_srk,
d37c312b	107	struct iovec *ret_pcrlock_nv,
fdf6c27c	108	TPM2Flags *ret_flags,
18843ecc	109	int *ret_keyslot,
fdf6c27c	110	int *ret_token) {
18843ecc LP	111
	112	return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
	113	"TPM2 support not available.");
	114	}
	115
	116	#endif