From: Lennart Poettering Date: Thu, 19 Oct 2023 15:51:26 +0000 (+0200) Subject: tpm2-util: add helper for setting TPM2B_AUTH in binary X-Git-Tag: v255-rc1~27^2~13 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f7be7a245e0b074311d7369623831715187b62a7;p=thirdparty%2Fsystemd.git tpm2-util: add helper for setting TPM2B_AUTH in binary
---
diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
index a62fd3c6c00..783e44145d3 100644
--- a/src/shared/tpm2-util.c
+++ b/src/shared/tpm2-util.c
@@ -3000,9 +3000,25 @@ int tpm2_get_pin_auth(TPMI_ALG_HASH hash, const char *pin, TPM2B_AUTH *ret_auth)
 return 0;
 }
-static int tpm2_set_auth(Tpm2Context *c, const Tpm2Handle *handle, const char *pin) {
- TPM2B_AUTH auth = {};
+int tpm2_set_auth_binary(Tpm2Context *c, const Tpm2Handle *handle, const TPM2B_AUTH *auth) {
 TSS2_RC rc;
+
+ assert(c);
+ assert(handle);
+
+ if (!auth)
+ return 0;
+
+ rc = sym_Esys_TR_SetAuth(c->esys_context, handle->esys_handle, auth);
+ if (rc != TSS2_RC_SUCCESS)
+ return log_debug_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
+ "Failed to load PIN in TPM: %s", sym_Tss2_RC_Decode(rc));
+
+ return 0;
+}
+
+int tpm2_set_auth(Tpm2Context *c, const Tpm2Handle *handle, const char *pin) {
+ TPM2B_AUTH auth = {};
 int r;
 assert(c);
@@ -3017,12 +3033,7 @@ static int tpm2_set_auth(Tpm2Context *c, const Tpm2Handle *handle, const char *p
 if (r < 0)
 return r;
- rc = sym_Esys_TR_SetAuth(c->esys_context, handle->esys_handle, &auth);
- if (rc != TSS2_RC_SUCCESS)
- return log_debug_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
- "Failed to load PIN in TPM: %s", sym_Tss2_RC_Decode(rc));
-
- return 0;
+ return tpm2_set_auth_binary(c, handle, &auth);
 }
 static bool tpm2_is_encryption_session(Tpm2Context *c, const Tpm2Handle *session) {
diff --git a/src/shared/tpm2-util.h b/src/shared/tpm2-util.h
index 7444cef02eb..b6940dbab10 100644
--- a/src/shared/tpm2-util.h
+++ b/src/shared/tpm2-util.h
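Review bot: `tpm2_set_auth_binary()` returns 0 without calling `sym_Esys_TR_SetAuth()` when `auth` is NULL, so the handle keeps whatever auth value it already had instead of being reset, and nothing tells a caller that. Since this commit exports the function (it and `tpm2_set_auth()` gain prototypes in tpm2-util.h), the contract should be stated above the definition, for example `/* Sets the auth value on the handle. A NULL auth is a no-op: the existing auth value is left in place, not cleared. */`. The debug message `"Failed to load PIN in TPM: %s"` is carried over from the PIN path, but this helper takes an arbitrary binary auth value, so wording such as `"Failed to set auth value in TPM: %s"` would be less misleading in logs. The helper takes a `const TPM2B_AUTH *` and does not erase it, so the caller stays responsible for wiping the buffer it passes in; a sentence in the same comment would make that explicit.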
@@ -201,6 +201,8 @@ int tpm2_pcr_read(Tpm2Context *c, const TPML_PCR_SELECTION *pcr_selection, Tpm2P
 int tpm2_pcr_read_missing_values(Tpm2Context *c, Tpm2PCRValue *pcr_values, size_t n_pcr_values);
 int tpm2_get_pin_auth(TPMI_ALG_HASH hash, const char *pin, TPM2B_AUTH *ret_auth);
+int tpm2_set_auth(Tpm2Context *c, const Tpm2Handle *handle, const char *pin);
+int tpm2_set_auth_binary(Tpm2Context *c, const Tpm2Handle *handle, const TPM2B_AUTH *auth);
 int tpm2_make_policy_session(Tpm2Context *c, const Tpm2Handle *primary, const Tpm2Handle *encryption_session, Tpm2Handle **ret_session);
 int tpm2_policy_auth_value(Tpm2Context *c, const Tpm2Handle *session, TPM2B_DIGEST **ret_policy_digest);