From fc53809803cd2bc2434e312b19a18fa36776da12 Mon Sep 17 00:00:00 2001
From: Daniel Baumann
Date: Wed, 12 Jun 2024 05:50:40 +0200
Subject: Adding upstream version 256.
Signed-off-by: Daniel Baumann
---
src/shared/cryptsetup-tpm2.h | 108 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 108 insertions(+)
create mode 100644 src/shared/cryptsetup-tpm2.h
(limited to 'src/shared/cryptsetup-tpm2.h')
diff --git a/src/shared/cryptsetup-tpm2.h b/src/shared/cryptsetup-tpm2.h
new file mode 100644
index 0000000..b9905f4
--- /dev/null
+++ b/src/shared/cryptsetup-tpm2.h
@@ -0,0 +1,108 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#include
+
+#include "ask-password-api.h"
+#include "cryptsetup-util.h"
+#include "log.h"
+#include "time-util.h"
+#include "tpm2-util.h"
+
+#if HAVE_TPM2
+
+int acquire_tpm2_key(
+ const char *volume_name,
+ const char *device,
+ uint32_t hash_pcr_mask,
+ uint16_t pcr_bank,
+ const struct iovec *pubkey,
+ uint32_t pubkey_pcr_mask,
+ const char *signature_path,
+ const char *pcrlock_path,
+ uint16_t primary_alg,
+ const char *key_file,
+ size_t key_file_size,
+ uint64_t key_file_offset,
+ const struct iovec *key_data,
+ const struct iovec *policy_hash,
+ const struct iovec *salt,
+ const struct iovec *srk,
+ const struct iovec *pcrlock_nv,
+ TPM2Flags flags,
+ usec_t until,
+ const char *askpw_credential,
+ AskPasswordFlags askpw_flags,
+ struct iovec *ret_decrypted_key);
+
+int find_tpm2_auto_data(
+ struct crypt_device *cd,
+ uint32_t search_pcr_mask,
+ int start_token,
+ uint32_t *ret_hash_pcr_mask,
+ uint16_t *ret_pcr_bank,
+ struct iovec *ret_pubkey,
+ uint32_t *ret_pubkey_pcr_mask,
+ uint16_t *ret_primary_alg,
+ struct iovec *ret_blob,
+ struct iovec *ret_policy_hash,
+ struct iovec *ret_salt,
+ struct iovec *ret_srk,
+ struct iovec *ret_pcrlock_nv,
+ TPM2Flags *ret_flags,
+ int *ret_keyslot,
+ int *ret_token);
+
+#else
+
+static inline int acquire_tpm2_key(
+ const char *volume_name,
+ const char *device,
+ uint32_t hash_pcr_mask,
+ uint16_t pcr_bank,
+ const struct iovec *pubkey,
+ uint32_t pubkey_pcr_mask,
+ const char *signature_path,
+ const char *pcrlock_path,
+ uint16_t primary_alg,
+ const char *key_file,
+ size_t key_file_size,
+ uint64_t key_file_offset,
+ const struct iovec *key_data,
+ const struct iovec *policy_hash,
+ const struct iovec *salt,
+ const struct iovec *srk,
+ const struct iovec *pcrlock_nv,
+ TPM2Flags flags,
+ usec_t until,
+ const char *askpw_credential,
+ AskPasswordFlags askpw_flags,
+ struct iovec *ret_decrypted_key) {
+
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
+ "TPM2 support not available.");
+}
+
+static inline int find_tpm2_auto_data(
+ struct crypt_device *cd,
+ uint32_t search_pcr_mask,
+ int start_token,
+ uint32_t *ret_hash_pcr_mask,
+ uint16_t *ret_pcr_bank,
+ struct iovec *ret_pubkey,
+ uint32_t *ret_pubkey_pcr_mask,
+ uint16_t *ret_primary_alg,
+ struct iovec *ret_blob,
+ struct iovec *ret_policy_hash,
+ struct iovec *ret_salt,
+ struct iovec *ret_srk,
+ struct iovec *ret_pcrlock_nv,
+ TPM2Flags *ret_flags,
+ int *ret_keyslot,
+ int *ret_token) {
+
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
+ "TPM2 support not available.");
+}
+
+#endif
-- cgit v1.2.3
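Review bot: Neither declaration of `acquire_tpm2_key()` documents its `ret_decrypted_key` output, which by its name carries the unsealed volume key, so a reader of this header cannot tell who owns the buffer or that it should be erased rather than just freed. I would add a comment above the prototype along the lines of `/* On success *ret_decrypted_key holds the volume key; caller owns it and must erase it before freeing. Returns negative errno on failure. */`; the ownership wording is inferred from the `ret_` naming and should be confirmed against the implementation, which is outside this hunk. The comment should also state that the `#else` stubs return `-EOPNOTSUPP` without writing any `ret_*` output, so callers must check the return value before reading them. Separately, the 22-parameter list puts same-typed arguments next to each other (`hash_pcr_mask` and `pubkey_pcr_mask`, the run of `const struct iovec *` for `key_data`, `policy_hash`, `salt`, `srk`, `pcrlock_nv`), and a transposition at a call site compiles cleanly. Because the stub signatures are hand-copied from the real ones, any drift between them would only surface in builds without `HAVE_TPM2`.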