system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-09-06 16:56:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #29674 from poettering/unexport-marshal-blob

Browse source 
tpm2-util: make tpm2_marshal_blob()/tpm2_unmarshal_blob() static
This commit is contained in:
Luca Boccassi 2023-10-23 11:43:15 +01:00 committed by GitHub
parent 24aeaf4e7f add8091c97
commit f04333210b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 32 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

64
src/shared/tpm2-util.c
View file

@ -749,6 +749,35 @@ int tpm2_handle_new(Tpm2Context *context, Tpm2Handle **ret_handle) {
return 0;
}
static int tpm2_read_public(
Tpm2Context *c,
const Tpm2Handle *session,
const Tpm2Handle *handle,
TPM2B_PUBLIC **ret_public,
TPM2B_NAME **ret_name,
TPM2B_NAME **ret_qname) {
TSS2_RC rc;
assert(c);
assert(handle);
rc = sym_Esys_ReadPublic(
c->esys_context,
handle->esys_handle,
session ? session->esys_handle : ESYS_TR_NONE,
ESYS_TR_NONE,
ESYS_TR_NONE,
ret_public,
ret_name,
ret_qname);
if (rc != TSS2_RC_SUCCESS)
return log_debug_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
"Failed to read public info: %s", sym_Tss2_RC_Decode(rc));
return 0;
}
/* Create a Tpm2Handle object that references a pre-existing handle in the TPM, at the handle index provided.
* This should be used only for persistent, transient, or NV handles; and the handle must already exist in
* the TPM at the specified handle index. The handle index should not be 0. Returns 1 if found, 0 if the
@ -1003,35 +1032,6 @@ static int tpm2_credit_random(Tpm2Context *c) {
return 0;
}
int tpm2_read_public(
Tpm2Context *c,
const Tpm2Handle *session,
const Tpm2Handle *handle,
TPM2B_PUBLIC **ret_public,
TPM2B_NAME **ret_name,
TPM2B_NAME **ret_qname) {
TSS2_RC rc;
assert(c);
assert(handle);
rc = sym_Esys_ReadPublic(
c->esys_context,
handle->esys_handle,
session ? session->esys_handle : ESYS_TR_NONE,
ESYS_TR_NONE,
ESYS_TR_NONE,
ret_public,
ret_name,
ret_qname);
if (rc != TSS2_RC_SUCCESS)
return log_debug_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
"Failed to read public info: %s", sym_Tss2_RC_Decode(rc));
return 0;
}
/* Get one of the legacy primary key templates.
*
* The legacy templates should only be used for older sealed data that did not use the SRK. Instead of a
@ -3817,7 +3817,7 @@ int tpm2_tpm2b_public_from_pem(const void *pem, size_t pem_size, TPM2B_PUBLIC *r
/* Marshal the public and private objects into a single nonstandard 'blob'. This is not a (publicly) standard
* format, this is specific to how we currently store the sealed object. This 'blob' can be unmarshalled by
* tpm2_unmarshal_blob(). */
int tpm2_marshal_blob(
static int tpm2_marshal_blob(
const TPM2B_PUBLIC *public,
const TPM2B_PRIVATE *private,
void **ret_blob,
@ -3856,7 +3856,7 @@ int tpm2_marshal_blob(
/* Unmarshal the 'blob' into public and private objects. This is not a (publicly) standard format, this is
* specific to how we currently store the sealed object. This expects the 'blob' to have been created by
* tpm2_marshal_blob(). */
int tpm2_unmarshal_blob(
static int tpm2_unmarshal_blob(
const void *blob,
size_t blob_size,
TPM2B_PUBLIC *ret_public,
@ -4109,7 +4109,7 @@ int tpm2_seal(Tpm2Context *c,
log_debug("Marshalling private and public part of HMAC key.");
_cleanup_free_ void *blob = NULL;
size_t blob_size;
size_t blob_size = 0;
r = tpm2_marshal_blob(public, private, &blob, &blob_size);
if (r < 0)
return log_debug_errno(r, "Could not create sealed blob: %m");

5
src/shared/tpm2-util.h
View file

@ -187,8 +187,6 @@ void tpm2_log_debug_name(const TPM2B_NAME *name, const char *msg);
int tpm2_index_to_handle(Tpm2Context *c, TPM2_HANDLE index, const Tpm2Handle *session, TPM2B_PUBLIC **ret_public, TPM2B_NAME **ret_name, TPM2B_NAME **ret_qname, Tpm2Handle **ret_handle);
int tpm2_index_from_handle(Tpm2Context *c, const Tpm2Handle *handle, TPM2_HANDLE *ret_index);
int tpm2_read_public(Tpm2Context *c, const Tpm2Handle *session, const Tpm2Handle *handle, TPM2B_PUBLIC **ret_public, TPM2B_NAME **ret_name, TPM2B_NAME **ret_qname);
int tpm2_pcr_read(Tpm2Context *c, const TPML_PCR_SELECTION *pcr_selection, Tpm2PCRValue **ret_pcr_values, size_t *ret_n_pcr_values);
int tpm2_pcr_read_missing_values(Tpm2Context *c, Tpm2PCRValue *pcr_values, size_t n_pcr_values);
@ -198,9 +196,6 @@ int tpm2_calculate_policy_authorize(const TPM2B_PUBLIC *public, const TPM2B_DIGE
int tpm2_calculate_policy_pcr(const Tpm2PCRValue *pcr_values, size_t n_pcr_values, TPM2B_DIGEST *digest);
int tpm2_calculate_sealing_policy(const Tpm2PCRValue *pcr_values, size_t n_pcr_values, const TPM2B_PUBLIC *public, bool use_pin, TPM2B_DIGEST *digest);
int tpm2_marshal_blob(const TPM2B_PUBLIC *public, const TPM2B_PRIVATE *private, void **ret_blob, size_t *ret_blob_size);
int tpm2_unmarshal_blob(const void *blob, size_t blob_size, TPM2B_PUBLIC *ret_public, TPM2B_PRIVATE *ret_private);
int tpm2_get_or_create_srk(Tpm2Context *c, const Tpm2Handle *session, TPM2B_PUBLIC **ret_public, TPM2B_NAME **ret_name, TPM2B_NAME **ret_qname, Tpm2Handle **ret_handle);
int tpm2_seal(Tpm2Context *c, uint32_t seal_key_handle, const TPM2B_DIGEST *policy, const char *pin, void **ret_secret, size_t *ret_secret_size, void **ret_blob, size_t *ret_blob_size, uint16_t *ret_primary_alg, void **ret_srk_buf, size_t *ret_srk_buf_size);