tpm2-tss 3.2.1
TPM Software stack 2.0 TCG spec compliant implementation
ifapi_keystore.h
1/* SPDX-License-Identifier: BSD-2-Clause */
2/*******************************************************************************
3 * Copyright 2018-2019, Fraunhofer SIT sponsored by Infineon Technologies AG
4 * All rights reserved.
5 ******************************************************************************/
6
7#ifndef IFAPI_KEYSTORE_H
8#define IFAPI_KEYSTORE_H
9
10#include <stdlib.h>
11
12#include "tss2_common.h"
13#include "tss2_tpm2_types.h"
14#include "fapi_types.h"
15#include "ifapi_policy_types.h"
16#include "tss2_esys.h"
17
18typedef UINT32 IFAPI_OBJECT_TYPE_CONSTANT;
19#define IFAPI_OBJ_NONE 0
20#define IFAPI_KEY_OBJ 1
21#define IFAPI_NV_OBJ 2
22#define IFAPI_EXT_PUB_KEY_OBJ 3
23#define IFAPI_HIERARCHY_OBJ 4
24#define IFAPI_DUPLICATE_OBJ 5
28typedef struct {
30 TPM2B_PUBLIC public;
32 UINT8_ARY private;
34 TPM2B_CREATION_DATA creationData;
35 TPMT_TK_CREATION creationTicket;
39 TPMT_SIG_SCHEME signing_scheme;
40 TPM2B_NAME name;
41 TPMI_YES_NO with_auth;
42 UINT32 reset_count;
43 TPMI_YES_NO delete_prohibited;
44 TPMI_YES_NO ek_profile;
46} IFAPI_KEY;
47
50typedef struct {
53 TPM2B_PUBLIC public;
55
58typedef struct {
59 TPMI_YES_NO with_auth;
61 TPM2B_DIGEST authPolicy;
62 ESYS_TR esysHandle;
64 TPM2B_NAME name;
66
69typedef struct {
70 TPM2B_NV_PUBLIC public;
72 UINT32 hierarchy;
76 TPMI_YES_NO with_auth;
77 char* event_log;
78} IFAPI_NV;
79
82typedef struct {
83
84 TPM2B_PRIVATE duplicate;
85 TPM2B_ENCRYPTED_SECRET encrypted_seed;
86 TPM2B_PUBLIC public;
87 TPM2B_PUBLIC public_parent;
91
94typedef union {
101
103enum FAPI_SEARCH_STATE {
104 KSEARCH_INIT = 0,
105 KSEARCH_SEARCH_OBJECT,
106 KSEARCH_READ
107};
108
111typedef struct {
112 size_t path_idx;
113 size_t numPaths;
114 char **pathlist;
115 enum FAPI_SEARCH_STATE state;
117
118typedef struct IFAPI_KEYSTORE {
119 char *systemdir;
120 char *userdir;
121 char *defaultprofile;
122 IFAPI_KEY_SEARCH key_search;
123 const char* rel_path;
125
126
128enum IFAPI_AUTHORIZATION_STATE {
129 AUTH_INIT = 0,
130 AUTH_CHECK_POLICY,
131 AUTH_CREATE_SESSION,
132 AUTH_EXEC_POLICY,
133 AUTH_FLUSH_OLD_POLICY,
134 AUTH_DONE
135};
136
138enum IFAPI_IO_STATE {
139 IO_INIT = 0,
140 IO_ACTIVE,
141};
142
145typedef struct _IFAPI_OBJECT {
146 TPMS_POLICY *policy;
147 IFAPI_OBJECT_TYPE_CONSTANT objectType;
149 TPMI_YES_NO system;
152 enum IFAPI_AUTHORIZATION_STATE authorization_state;
153 enum IFAPI_IO_STATE state;
154 const char *rel_path;
157
158TSS2_RC
159ifapi_check_valid_path(const char *path);
160
161TSS2_RC
163 IFAPI_KEYSTORE *keystore,
164 const char *config_systemdir,
165 const char *config_userdir,
166 const char *config_defaultprofile);
167
168TSS2_RC
170 IFAPI_KEYSTORE *keystore,
171 IFAPI_IO *io,
172 const char *path);
173
174TSS2_RC
175ifapi_keystore_load_finish(
176 IFAPI_KEYSTORE *keystore,
177 IFAPI_IO *io,
178 IFAPI_OBJECT *object);
179
180TSS2_RC
182 IFAPI_KEYSTORE *keystore,
183 const char *path,
184 const IFAPI_OBJECT *object);
185
186TSS2_RC
188 IFAPI_KEYSTORE *keystore,
189 IFAPI_IO *io,
190 const char *path,
191 const IFAPI_OBJECT *object);
192
193TSS2_RC
194ifapi_keystore_store_finish(
195 IFAPI_IO *io);
196
197TSS2_RC
199 IFAPI_KEYSTORE *keystore,
200 const char *searchpath,
201 char ***results,
202 size_t *numresults);
203
204TSS2_RC
206 IFAPI_KEYSTORE *keystore,
207 char *path);
208
209TSS2_RC
211 IFAPI_KEYSTORE *keystore,
212 const char *dir_name);
213
214TSS2_RC
216 IFAPI_KEYSTORE *keystore,
217 IFAPI_IO *io,
218 TPM2B_NAME *name,
219 char **found_path);
220
221TSS2_RC
223 IFAPI_KEYSTORE *keystore,
224 IFAPI_IO *io,
225 TPM2B_NV_PUBLIC *nv_public,
226 char **found_path);
227
228TSS2_RC
229ifapi_keystore_check_overwrite(
230 IFAPI_KEYSTORE *keystore,
231 const char *path);
232
233TSS2_RC
234ifapi_keystore_check_writeable(
235 IFAPI_KEYSTORE *keystore,
236 const char *path);
237
238TSS2_RC
240 IFAPI_KEY * dest,
241 const IFAPI_KEY * src);
242
243TSS2_RC
245 IFAPI_HIERARCHY * dest,
246 const IFAPI_HIERARCHY * src);
247
248TSS2_RC
250 IFAPI_OBJECT * dest,
251 const IFAPI_OBJECT * src);
252
253TSS2_RC
255 IFAPI_OBJECT * dest,
256 const IFAPI_OBJECT * src);
257
258
260 IFAPI_KEY * key);
261
263 IFAPI_EXT_PUB_KEY * key);
264
266 IFAPI_HIERARCHY * hierarchy);
267
269 IFAPI_NV * nv);
270
272 IFAPI_DUPLICATE * duplicate);
273
274void ifapi_cleanup_ifapi_key_search(
275 IFAPI_KEY_SEARCH * key_search);
276
278 IFAPI_KEYSTORE * keystore);
279
280void
282 IFAPI_OBJECT *object);
283
284TSS2_RC
285ifapi_check_provisioned(
286 IFAPI_KEYSTORE *keystore,
287 const char *rel_path,
288 bool *ok);
289
290#endif /* IFAPI_KEYSTORE_H */
uint32_t ESYS_TR
Definition: tss2_esys.h:16
TSS2_RC ifapi_copy_ifapi_key_object(IFAPI_OBJECT *dest, const IFAPI_OBJECT *src)
Definition: ifapi_keystore.c:1638
TSS2_RC ifapi_keystore_object_does_not_exist(IFAPI_KEYSTORE *keystore, const char *path, const IFAPI_OBJECT *object)
Definition: ifapi_keystore.c:753
TSS2_RC ifapi_keystore_search_obj(IFAPI_KEYSTORE *keystore, IFAPI_IO *io, TPM2B_NAME *name, char **found_path)
Definition: ifapi_keystore.c:1244
TSS2_RC ifapi_copy_ifapi_hierarchy_object(IFAPI_OBJECT *dest, const IFAPI_OBJECT *src)
Definition: ifapi_keystore.c:1686
TSS2_RC ifapi_copy_ifapi_key(IFAPI_KEY *dest, const IFAPI_KEY *src)
Definition: ifapi_keystore.c:1455
TSS2_RC ifapi_copy_ifapi_hierarchy(IFAPI_HIERARCHY *dest, const IFAPI_HIERARCHY *src)
Definition: ifapi_keystore.c:1511
TSS2_RC ifapi_keystore_load_async(IFAPI_KEYSTORE *keystore, IFAPI_IO *io, const char *path)
Definition: ifapi_keystore.c:564
TSS2_RC ifapi_keystore_delete(IFAPI_KEYSTORE *keystore, char *path)
Definition: ifapi_keystore.c:959
TSS2_RC ifapi_keystore_remove_directories(IFAPI_KEYSTORE *keystore, const char *dir_name)
Definition: ifapi_keystore.c:1042
TSS2_RC ifapi_keystore_search_nv_obj(IFAPI_KEYSTORE *keystore, IFAPI_IO *io, TPM2B_NV_PUBLIC *nv_public, char **found_path)
Definition: ifapi_keystore.c:1282
TSS2_RC ifapi_keystore_list_all(IFAPI_KEYSTORE *keystore, const char *searchpath, char ***results, size_t *numresults)
Definition: ifapi_keystore.c:920
TSS2_RC ifapi_keystore_initialize(IFAPI_KEYSTORE *keystore, const char *config_systemdir, const char *config_userdir, const char *config_defaultprofile)
Definition: ifapi_keystore.c:423
void ifapi_cleanup_ifapi_hierarchy(IFAPI_HIERARCHY *hierarchy)
Definition: ifapi_keystore.c:1573
void ifapi_cleanup_ifapi_ext_pub_key(IFAPI_EXT_PUB_KEY *key)
Definition: ifapi_keystore.c:1559
void ifapi_cleanup_ifapi_object(IFAPI_OBJECT *object)
Definition: ifapi_keystore.c:1726
void ifapi_cleanup_ifapi_keystore(IFAPI_KEYSTORE *keystore)
Definition: ifapi_keystore.c:1616
TSS2_RC ifapi_keystore_store_async(IFAPI_KEYSTORE *keystore, IFAPI_IO *io, const char *path, const IFAPI_OBJECT *object)
Definition: ifapi_keystore.c:674
void ifapi_cleanup_ifapi_duplicate(IFAPI_DUPLICATE *duplicate)
Definition: ifapi_keystore.c:1603
void ifapi_cleanup_ifapi_key(IFAPI_KEY *key)
Definition: ifapi_keystore.c:1541
void ifapi_cleanup_ifapi_nv(IFAPI_NV *nv)
Definition: ifapi_keystore.c:1586
Definition: ifapi_keystore.h:145
TPMI_YES_NO system
Definition: ifapi_keystore.h:149
enum IFAPI_AUTHORIZATION_STATE authorization_state
Definition: ifapi_keystore.h:152
ESYS_TR handle
Definition: ifapi_keystore.h:151
const char * rel_path
Definition: ifapi_keystore.h:154
IFAPI_OBJECT_UNION misc
Definition: ifapi_keystore.h:148
IFAPI_OBJECT_TYPE_CONSTANT objectType
Definition: ifapi_keystore.h:147
Definition: ifapi_keystore.h:82
TPM2B_PRIVATE duplicate
Definition: ifapi_keystore.h:84
TPMS_POLICY * policy
Definition: ifapi_keystore.h:89
TPM2B_ENCRYPTED_SECRET encrypted_seed
Definition: ifapi_keystore.h:85
TPM2B_PUBLIC public_parent
Definition: ifapi_keystore.h:87
char * certificate
Definition: ifapi_keystore.h:88
Definition: ifapi_keystore.h:50
char * pem_ext_public
Definition: ifapi_keystore.h:51
char * certificate
Definition: ifapi_keystore.h:52
Definition: ifapi_keystore.h:58
bool authorized
Definition: ifapi_keystore.h:63
TPMI_YES_NO with_auth
Definition: ifapi_keystore.h:59
char * description
Definition: ifapi_keystore.h:60
TPM2B_NAME name
Definition: ifapi_keystore.h:64
Definition: ifapi_io.h:15
Definition: ifapi_keystore.h:111
char ** pathlist
Definition: ifapi_keystore.h:114
size_t numPaths
Definition: ifapi_keystore.h:113
size_t path_idx
Definition: ifapi_keystore.h:112
Definition: ifapi_keystore.h:28
char * policyInstance
Definition: ifapi_keystore.h:33
UINT8_ARY serialization
Definition: ifapi_keystore.h:31
TPMI_YES_NO ek_profile
Definition: ifapi_keystore.h:44
UINT32 persistent_handle
Definition: ifapi_keystore.h:29
TPM2B_CREATION_DATA creationData
Definition: ifapi_keystore.h:34
TPMI_YES_NO delete_prohibited
Definition: ifapi_keystore.h:43
TPMI_YES_NO with_auth
Definition: ifapi_keystore.h:41
char * description
Definition: ifapi_keystore.h:36
UINT32 reset_count
Definition: ifapi_keystore.h:42
TPM2B_NAME name
Definition: ifapi_keystore.h:40
UINT8_ARY appData
Definition: ifapi_keystore.h:37
char * certificate
Definition: ifapi_keystore.h:38
TPMT_TK_CREATION creationTicket
Definition: ifapi_keystore.h:35
TPMT_SIG_SCHEME signing_scheme
Definition: ifapi_keystore.h:39
Definition: ifapi_keystore.h:118
Definition: ifapi_keystore.h:69
char * policyInstance
Definition: ifapi_keystore.h:73
UINT8_ARY serialization
Definition: ifapi_keystore.h:71
TPMI_YES_NO with_auth
Definition: ifapi_keystore.h:76
UINT32 hierarchy
Definition: ifapi_keystore.h:72
char * description
Definition: ifapi_keystore.h:74
UINT8_ARY appData
Definition: ifapi_keystore.h:75
char * event_log
Definition: ifapi_keystore.h:77
Definition: ifapi_policy_types.h:291
Definition: fapi_types.h:15
Definition: ifapi_keystore.h:94
IFAPI_HIERARCHY hierarchy
Definition: ifapi_keystore.h:99
IFAPI_KEY key
Definition: ifapi_keystore.h:96
IFAPI_EXT_PUB_KEY ext_pub_key
Definition: ifapi_keystore.h:95
IFAPI_DUPLICATE key_tree
Definition: ifapi_keystore.h:98
IFAPI_NV nv
Definition: ifapi_keystore.h:97