// SPDX-License-Identifier: GPL-2.0-only /* * Copyright (C) 2004 IBM Corporation * Copyright (C) 2014 Intel Corporation */ #include <linux/asn1_encoder.h> #include <linux/oid_registry.h> #include <linux/string.h> #include <linux/err.h> #include <linux/tpm.h> #include <linux/tpm_command.h> #include <keys/trusted-type.h> #include <keys/trusted_tpm.h> #include <asm/unaligned.h> #include "tpm2key.asn1.h" static struct tpm2_hash tpm2_hash_map[] = …; static u32 tpm2key_oid[] = …; static int tpm2_key_encode(struct trusted_key_payload *payload, struct trusted_key_options *options, u8 *src, u32 len) { … } struct tpm2_key_context { … }; static int tpm2_key_decode(struct trusted_key_payload *payload, struct trusted_key_options *options, u8 **buf) { … } int tpm2_key_parent(void *context, size_t hdrlen, unsigned char tag, const void *value, size_t vlen) { … } int tpm2_key_type(void *context, size_t hdrlen, unsigned char tag, const void *value, size_t vlen) { … } int tpm2_key_pub(void *context, size_t hdrlen, unsigned char tag, const void *value, size_t vlen) { … } int tpm2_key_priv(void *context, size_t hdrlen, unsigned char tag, const void *value, size_t vlen) { … } /** * tpm2_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer. * * @buf: an allocated tpm_buf instance * @session_handle: session handle * @nonce: the session nonce, may be NULL if not used * @nonce_len: the session nonce length, may be 0 if not used * @attributes: the session attributes * @hmac: the session HMAC or password, may be NULL if not used * @hmac_len: the session HMAC or password length, maybe 0 if not used */ static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle, const u8 *nonce, u16 nonce_len, u8 attributes, const u8 *hmac, u16 hmac_len) { … } /** * tpm2_seal_trusted() - seal the payload of a trusted key * * @chip: TPM chip to use * @payload: the key data in clear and encrypted form * @options: authentication values and other options * * Return: < 0 on error and 0 on success. */ int tpm2_seal_trusted(struct tpm_chip *chip, struct trusted_key_payload *payload, struct trusted_key_options *options) { … } /** * tpm2_load_cmd() - execute a TPM2_Load command * * @chip: TPM chip to use * @payload: the key data in clear and encrypted form * @options: authentication values and other options * @blob_handle: returned blob handle * * Return: 0 on success. * -E2BIG on wrong payload size. * -EPERM on tpm error status. * < 0 error from tpm_send. */ static int tpm2_load_cmd(struct tpm_chip *chip, struct trusted_key_payload *payload, struct trusted_key_options *options, u32 *blob_handle) { … } /** * tpm2_unseal_cmd() - execute a TPM2_Unload command * * @chip: TPM chip to use * @payload: the key data in clear and encrypted form * @options: authentication values and other options * @blob_handle: blob handle * * Return: 0 on success * -EPERM on tpm error status * < 0 error from tpm_send */ static int tpm2_unseal_cmd(struct tpm_chip *chip, struct trusted_key_payload *payload, struct trusted_key_options *options, u32 blob_handle) { … } /** * tpm2_unseal_trusted() - unseal the payload of a trusted key * * @chip: TPM chip to use * @payload: the key data in clear and encrypted form * @options: authentication values and other options * * Return: Same as with tpm_send. */ int tpm2_unseal_trusted(struct tpm_chip *chip, struct trusted_key_payload *payload, struct trusted_key_options *options) { … }
Codebase Browser
linux