DLSYM_ARG(Tss2_MU_TPM2B_PUBLIC_Unmarshal));
}
-struct tpm2_context {
- ESYS_CONTEXT *esys_context;
- void *tcti_dl;
- TSS2_TCTI_CONTEXT *tcti_context;
-};
-
-static void tpm2_context_destroy(struct tpm2_context *c) {
+void tpm2_context_destroy(struct tpm2_context *c) {
assert(c);
if (c->esys_context)
sym_Esys_Finalize(c);
}
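Review bot: The context line `sym_Esys_Finalize(c);` in tpm2_context_destroy() passes the `struct tpm2_context *` itself, whereas Esys_Finalize() takes an `ESYS_CONTEXT **`. With the old layout `esys_context` was the first member, so the two addresses coincided. This commit's header hunk moves `esys_context` to the last member, so the call would hand the `tcti_dl` slot to the finalizer and leave the real ESYS context unreleased. If the line is as shown rather than abbreviated in this view, it should read `sym_Esys_Finalize(&c->esys_context);`. The rest of the function body lies outside the hunk.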
-static inline void Esys_Freep(void *p) {
- if (*(void**) p)
- sym_Esys_Free(*(void**) p);
-}
-
-static ESYS_TR flush_context_verbose(ESYS_CONTEXT *c, ESYS_TR handle) {
+ESYS_TR tpm2_flush_context_verbose(ESYS_CONTEXT *c, ESYS_TR handle) {
TSS2_RC rc;
if (!c || handle == ESYS_TR_NONE)
return ESYS_TR_NONE;
}
-static int tpm2_init(const char *device, struct tpm2_context *ret) {
+int tpm2_context_init(const char *device, struct tpm2_context *ret) {
_cleanup_(Esys_Finalize_wrapper) ESYS_CONTEXT *c = NULL;
_cleanup_free_ TSS2_TCTI_CONTEXT *tcti = NULL;
_cleanup_(dlclosep) void *dl = NULL;
return 0;
}
-static void tpm2_pcr_mask_to_selection(uint32_t mask, uint16_t bank, TPML_PCR_SELECTION *ret) {
+void tpm2_pcr_mask_to_selection(uint32_t mask, uint16_t bank, TPML_PCR_SELECTION *ret) {
assert(ret);
/* We only do 24bit here, as that's what PC TPMs are supposed to support */
session = ESYS_TR_NONE;
}
- session = flush_context_verbose(c, session);
+ session = tpm2_flush_context_verbose(c, session);
return 0;
}
r = 0;
finish:
- session = flush_context_verbose(c, session);
+ session = tpm2_flush_context_verbose(c, session);
return r;
}
start = now(CLOCK_MONOTONIC);
- r = tpm2_init(device, &c);
+ r = tpm2_context_init(device, &c);
if (r < 0)
return r;
finish:
explicit_bzero_safe(&hmac_sensitive, sizeof(hmac_sensitive));
- primary = flush_context_verbose(c.esys_context, primary);
- session = flush_context_verbose(c.esys_context, session);
+ primary = tpm2_flush_context_verbose(c.esys_context, primary);
+ session = tpm2_flush_context_verbose(c.esys_context, session);
return r;
}
return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
"Failed to unmarshal public key: %s", sym_Tss2_RC_Decode(rc));
- r = tpm2_init(device, &c);
+ r = tpm2_context_init(device, &c);
if (r < 0)
return r;
r = 0;
finish:
- primary = flush_context_verbose(c.esys_context, primary);
- session = flush_context_verbose(c.esys_context, session);
- hmac_key = flush_context_verbose(c.esys_context, hmac_key);
+ primary = tpm2_flush_context_verbose(c.esys_context, primary);
+ session = tpm2_flush_context_verbose(c.esys_context, session);
+ hmac_key = tpm2_flush_context_verbose(c.esys_context, hmac_key);
return r;
}
int tpm2_seal(const char *device, uint32_t pcr_mask, const char *pin, void **ret_secret, size_t *ret_secret_size, void **ret_blob, size_t *ret_blob_size, void **ret_pcr_hash, size_t *ret_pcr_hash_size, uint16_t *ret_pcr_bank, uint16_t *ret_primary_alg);
int tpm2_unseal(const char *device, uint32_t pcr_mask, uint16_t pcr_bank, uint16_t primary_alg, const void *blob, size_t blob_size, const void *pcr_hash, size_t pcr_hash_size, const char *pin, void **ret_secret, size_t *ret_secret_size);
+struct tpm2_context {
+ void *tcti_dl;
+ TSS2_TCTI_CONTEXT *tcti_context;
+ ESYS_CONTEXT *esys_context;
+};
+
+ESYS_TR tpm2_flush_context_verbose(ESYS_CONTEXT *c, ESYS_TR handle);
+
+void tpm2_pcr_mask_to_selection(uint32_t mask, uint16_t bank, TPML_PCR_SELECTION *ret);
+
+static inline void Esys_Freep(void *p) {
+ if (*(void**) p)
+ sym_Esys_Free(*(void**) p);
+}
+
+#else
+struct tpm2_context;
#endif
+int tpm2_context_init(const char *device, struct tpm2_context *ret);
+void tpm2_context_destroy(struct tpm2_context *c);
+
int tpm2_list_devices(void);
int tpm2_find_device_auto(int log_level, char **ret);
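Review bot: `tpm2_context_init()` and `tpm2_context_destroy()` are declared after the `#endif`, so they are visible in builds without TPM2 support, where `struct tpm2_context` is only forward-declared. If their definitions in the .c file sit under the same guard (not visible here), a caller in such a build compiles but fails at link time. Either move the two prototypes above the `#else`, or provide stubs for the disabled build that return `-EOPNOTSUPP`. Separately, the header-level `Esys_Freep()` relies on `sym_Esys_Free` being declared for every file that includes this header. A short comment saying it is intended for `_cleanup_()` use on pointers returned by ESYS would help now that the helper is shared.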