
tss_esapi/context/
general_esys_tr.rs

1// Copyright 2021 Contributors to the Parsec project.
2// SPDX-License-Identifier: Apache-2.0
3use crate::{
4    context::handle_manager::HandleDropAction,
5    handles::ObjectHandle,
6    handles::{handle_conversion::TryIntoNotNone, TpmHandle},
7    structures::Auth,
8    structures::Name,
9    tss2_esys::{Esys_TR_Close, Esys_TR_FromTPMPublic, Esys_TR_GetName, Esys_TR_SetAuth},
10    Context, Error, Result,
11};
12use log::error;
13use std::convert::TryFrom;
14use std::ptr::null_mut;
15use zeroize::Zeroize;
16
impl Context {
    /// Associates an authentication value with `object_handle` in the ESYS context.
    ///
    /// `auth` is converted into the FFI representation expected by `Esys_TR_SetAuth`. The
    /// buffer of that local copy is wiped immediately after the call returns, before the
    /// return code is inspected, so the wipe happens on the success and the error path alike.
    ///
    /// # Errors
    ///
    /// Returns the value produced by `Error::from_tss_rc` when it does not report success.
    pub fn tr_set_auth(&mut self, object_handle: ObjectHandle, auth: Auth) -> Result<()> {
        let mut tss_auth = auth.into();
        // SAFETY: `&tss_auth` refers to a local that stays alive for the whole call.
        // Assumes `self.mut_context()` yields a valid ESYS context pointer. TODO confirm.
        let rc = unsafe { Esys_TR_SetAuth(self.mut_context(), object_handle.into(), &tss_auth) };
        // Only the `buffer` field of the FFI copy is cleared here; the secret must not outlive
        // this function on the stack.
        // NOTE(review): the ESYS library presumably keeps its own copy of the value for later
        // authorizations, and whether `Auth` wipes its own storage when consumed is not
        // visible in this file. Confirm both.
        tss_auth.buffer.zeroize();

        let status = Error::from_tss_rc(rc);
        if !status.is_success() {
            // Only the return code is logged, never the authentication value.
            error!("Error when setting authentication value: {}", status);
            return Err(status);
        }
        Ok(())
    }

    /// Retrieves the name of the object referred to by `object_handle`.
    ///
    /// # Errors
    ///
    /// Returns the value produced by `Error::from_tss_rc` when it does not report success,
    /// or the error from `Name::try_from` if the returned data cannot be converted.
    pub fn tr_get_name(&mut self, object_handle: ObjectHandle) -> Result<Name> {
        let mut raw_name = null_mut();
        // SAFETY: `&mut raw_name` is a valid out-pointer to a local for the duration of the
        // call. Assumes `self.mut_context()` yields a valid ESYS context pointer. TODO confirm.
        let rc =
            unsafe { Esys_TR_GetName(self.mut_context(), object_handle.into(), &mut raw_name) };

        let status = Error::from_tss_rc(rc);
        if !status.is_success() {
            error!("Error in getting name: {}", status);
            return Err(status);
        }
        // The out-pointer is consumed only after the call reported success.
        // NOTE(review): `ffi_data_to_owned` presumably copies the ESYS-allocated structure and
        // releases it; how it treats a null pointer is not visible here. Verify.
        Name::try_from(Context::ffi_data_to_owned(raw_name))
    }

    /// Constructs an ESYS object handle for a resource that lives inside the TPM.
    ///
    /// The call uses the context's three optional session slots. On success the new handle
    /// is registered with the handle manager: `HandleDropAction::Flush` when
    /// `tpm_handle.may_be_flushed()` is true, `HandleDropAction::Close` otherwise.
    ///
    /// # Errors
    ///
    /// Returns the value produced by `Error::from_tss_rc` when it does not report success,
    /// or the error from `add_handle` if registering the handle fails.
    pub fn tr_from_tpm_public(&mut self, tpm_handle: TpmHandle) -> Result<ObjectHandle> {
        let mut object = ObjectHandle::None.into();
        // SAFETY: `&mut object` is a valid out-pointer to a local for the duration of the call.
        // Assumes `self.mut_context()` yields a valid ESYS context pointer. TODO confirm.
        let rc = unsafe {
            Esys_TR_FromTPMPublic(
                self.mut_context(),
                tpm_handle.into(),
                self.optional_session_1(),
                self.optional_session_2(),
                self.optional_session_3(),
                &mut object,
            )
        };

        let status = Error::from_tss_rc(rc);
        if !status.is_success() {
            error!("Error when getting ESYS handle from TPM handle: {}", status);
            return Err(status);
        }

        // NOTE(review): if `add_handle` fails, the ESYS object created above is neither
        // closed nor tracked by this function. Confirm the caller or `Drop` covers that case.
        self.handle_manager.add_handle(
            object.into(),
            if tpm_handle.may_be_flushed() {
                HandleDropAction::Flush
            } else {
                HandleDropAction::Close
            },
        )?;
        Ok(object.into())
    }

    /// Instructs the ESAPI to release the metadata and resources allocated for a specific
    /// `ObjectHandle`.
    ///
    /// This is useful for cleaning up handles for which the context cannot be flushed. On
    /// success the handle manager is told the handle is closed and `*object_handle` is
    /// overwritten with the value `Esys_TR_Close` left in the FFI handle.
    ///
    /// # Errors
    ///
    /// Returns the error from `try_into_not_none` if the handle cannot be converted, the
    /// value produced by `Error::from_tss_rc` when it does not report success, or the error
    /// from `set_as_closed`.
    pub fn tr_close(&mut self, object_handle: &mut ObjectHandle) -> Result<()> {
        let mut esys_handle = object_handle.try_into_not_none()?;
        // SAFETY: `&mut esys_handle` is a valid in/out pointer to a local for the duration of
        // the call. Assumes `self.mut_context()` yields a valid ESYS context pointer.
        // TODO confirm.
        let rc = unsafe { Esys_TR_Close(self.mut_context(), &mut esys_handle) };

        let status = Error::from_tss_rc(rc);
        if !status.is_success() {
            error!("Error when closing an ESYS handle: {}", status);
            return Err(status);
        }

        // The bookkeeping uses the caller's original handle value, so it runs before the
        // caller's handle is overwritten.
        // NOTE(review): if `set_as_closed` fails, the ESYS-side close has already happened but
        // `*object_handle` still holds the old value. Confirm callers do not reuse it.
        self.handle_manager.set_as_closed(*object_handle)?;
        *object_handle = ObjectHandle::from(esys_handle);
        Ok(())
    }

    // Missing function: Esys_TR_Serialize
    // Missing function: Esys_TR_Deserialize
}