Commit | Line | Data |
---|---|---|
2e19e101 SG |
1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | /* | |
3 | * Copyright (C) 2004 IBM Corporation | |
4 | * Copyright (C) 2014 Intel Corporation | |
5 | */ | |
6 | ||
f2219745 JB |
7 | #include <linux/asn1_encoder.h> |
8 | #include <linux/oid_registry.h> | |
2e19e101 SG |
9 | #include <linux/string.h> |
10 | #include <linux/err.h> | |
11 | #include <linux/tpm.h> | |
12 | #include <linux/tpm_command.h> | |
13 | ||
14 | #include <keys/trusted-type.h> | |
15 | #include <keys/trusted_tpm.h> | |
16 | ||
f2219745 JB |
17 | #include <asm/unaligned.h> |
18 | ||
19 | #include "tpm2key.asn1.h" | |
20 | ||
2e19e101 SG |
21 | static struct tpm2_hash tpm2_hash_map[] = { |
22 | {HASH_ALGO_SHA1, TPM_ALG_SHA1}, | |
23 | {HASH_ALGO_SHA256, TPM_ALG_SHA256}, | |
24 | {HASH_ALGO_SHA384, TPM_ALG_SHA384}, | |
25 | {HASH_ALGO_SHA512, TPM_ALG_SHA512}, | |
26 | {HASH_ALGO_SM3_256, TPM_ALG_SM3_256}, | |
27 | }; | |
28 | ||
f2219745 JB |
29 | static u32 tpm2key_oid[] = { 2, 23, 133, 10, 1, 5 }; |
30 | ||
31 | static int tpm2_key_encode(struct trusted_key_payload *payload, | |
32 | struct trusted_key_options *options, | |
33 | u8 *src, u32 len) | |
34 | { | |
35 | const int SCRATCH_SIZE = PAGE_SIZE; | |
36 | u8 *scratch = kmalloc(SCRATCH_SIZE, GFP_KERNEL); | |
37 | u8 *work = scratch, *work1; | |
38 | u8 *end_work = scratch + SCRATCH_SIZE; | |
39 | u8 *priv, *pub; | |
40 | u16 priv_len, pub_len; | |
41 | ||
42 | priv_len = get_unaligned_be16(src) + 2; | |
43 | priv = src; | |
44 | ||
45 | src += priv_len; | |
46 | ||
47 | pub_len = get_unaligned_be16(src) + 2; | |
48 | pub = src; | |
49 | ||
50 | if (!scratch) | |
51 | return -ENOMEM; | |
52 | ||
53 | work = asn1_encode_oid(work, end_work, tpm2key_oid, | |
54 | asn1_oid_len(tpm2key_oid)); | |
55 | ||
56 | if (options->blobauth_len == 0) { | |
57 | unsigned char bool[3], *w = bool; | |
58 | /* tag 0 is emptyAuth */ | |
59 | w = asn1_encode_boolean(w, w + sizeof(bool), true); | |
60 | if (WARN(IS_ERR(w), "BUG: Boolean failed to encode")) | |
61 | return PTR_ERR(w); | |
62 | work = asn1_encode_tag(work, end_work, 0, bool, w - bool); | |
63 | } | |
64 | ||
65 | /* | |
66 | * Assume both octet strings will encode to a 2 byte definite length | |
67 | * | |
68 | * Note: For a well behaved TPM, this warning should never | |
69 | * trigger, so if it does there's something nefarious going on | |
70 | */ | |
71 | if (WARN(work - scratch + pub_len + priv_len + 14 > SCRATCH_SIZE, | |
72 | "BUG: scratch buffer is too small")) | |
73 | return -EINVAL; | |
74 | ||
75 | work = asn1_encode_integer(work, end_work, options->keyhandle); | |
76 | work = asn1_encode_octet_string(work, end_work, pub, pub_len); | |
77 | work = asn1_encode_octet_string(work, end_work, priv, priv_len); | |
78 | ||
79 | work1 = payload->blob; | |
80 | work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob), | |
81 | scratch, work - scratch); | |
82 | if (WARN(IS_ERR(work1), "BUG: ASN.1 encoder failed")) | |
83 | return PTR_ERR(work1); | |
84 | ||
85 | return work1 - payload->blob; | |
86 | } | |
87 | ||
88 | struct tpm2_key_context { | |
89 | u32 parent; | |
90 | const u8 *pub; | |
91 | u32 pub_len; | |
92 | const u8 *priv; | |
93 | u32 priv_len; | |
94 | }; | |
95 | ||
96 | static int tpm2_key_decode(struct trusted_key_payload *payload, | |
97 | struct trusted_key_options *options, | |
98 | u8 **buf) | |
99 | { | |
100 | int ret; | |
101 | struct tpm2_key_context ctx; | |
102 | u8 *blob; | |
103 | ||
104 | memset(&ctx, 0, sizeof(ctx)); | |
105 | ||
106 | ret = asn1_ber_decoder(&tpm2key_decoder, &ctx, payload->blob, | |
107 | payload->blob_len); | |
108 | if (ret < 0) | |
109 | return ret; | |
110 | ||
111 | if (ctx.priv_len + ctx.pub_len > MAX_BLOB_SIZE) | |
112 | return -EINVAL; | |
113 | ||
114 | blob = kmalloc(ctx.priv_len + ctx.pub_len + 4, GFP_KERNEL); | |
115 | if (!blob) | |
116 | return -ENOMEM; | |
117 | ||
118 | *buf = blob; | |
119 | options->keyhandle = ctx.parent; | |
120 | ||
121 | memcpy(blob, ctx.priv, ctx.priv_len); | |
122 | blob += ctx.priv_len; | |
123 | ||
124 | memcpy(blob, ctx.pub, ctx.pub_len); | |
125 | ||
126 | return 0; | |
127 | } | |
128 | ||
129 | int tpm2_key_parent(void *context, size_t hdrlen, | |
130 | unsigned char tag, | |
131 | const void *value, size_t vlen) | |
132 | { | |
133 | struct tpm2_key_context *ctx = context; | |
134 | const u8 *v = value; | |
135 | int i; | |
136 | ||
137 | ctx->parent = 0; | |
138 | for (i = 0; i < vlen; i++) { | |
139 | ctx->parent <<= 8; | |
140 | ctx->parent |= v[i]; | |
141 | } | |
142 | ||
143 | return 0; | |
144 | } | |
145 | ||
146 | int tpm2_key_type(void *context, size_t hdrlen, | |
147 | unsigned char tag, | |
148 | const void *value, size_t vlen) | |
149 | { | |
150 | enum OID oid = look_up_OID(value, vlen); | |
151 | ||
152 | if (oid != OID_TPMSealedData) { | |
153 | char buffer[50]; | |
154 | ||
155 | sprint_oid(value, vlen, buffer, sizeof(buffer)); | |
156 | pr_debug("OID is \"%s\" which is not TPMSealedData\n", | |
157 | buffer); | |
158 | return -EINVAL; | |
159 | } | |
160 | ||
161 | return 0; | |
162 | } | |
163 | ||
164 | int tpm2_key_pub(void *context, size_t hdrlen, | |
165 | unsigned char tag, | |
166 | const void *value, size_t vlen) | |
167 | { | |
168 | struct tpm2_key_context *ctx = context; | |
169 | ||
170 | ctx->pub = value; | |
171 | ctx->pub_len = vlen; | |
172 | ||
173 | return 0; | |
174 | } | |
175 | ||
176 | int tpm2_key_priv(void *context, size_t hdrlen, | |
177 | unsigned char tag, | |
178 | const void *value, size_t vlen) | |
179 | { | |
180 | struct tpm2_key_context *ctx = context; | |
181 | ||
182 | ctx->priv = value; | |
183 | ctx->priv_len = vlen; | |
184 | ||
185 | return 0; | |
186 | } | |
187 | ||
2e19e101 | 188 | /** |
2a415274 | 189 | * tpm2_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer. |
2e19e101 SG |
190 | * |
191 | * @buf: an allocated tpm_buf instance | |
192 | * @session_handle: session handle | |
193 | * @nonce: the session nonce, may be NULL if not used | |
194 | * @nonce_len: the session nonce length, may be 0 if not used | |
195 | * @attributes: the session attributes | |
196 | * @hmac: the session HMAC or password, may be NULL if not used | |
197 | * @hmac_len: the session HMAC or password length, maybe 0 if not used | |
198 | */ | |
199 | static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle, | |
200 | const u8 *nonce, u16 nonce_len, | |
201 | u8 attributes, | |
202 | const u8 *hmac, u16 hmac_len) | |
203 | { | |
204 | tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len); | |
205 | tpm_buf_append_u32(buf, session_handle); | |
206 | tpm_buf_append_u16(buf, nonce_len); | |
207 | ||
208 | if (nonce && nonce_len) | |
209 | tpm_buf_append(buf, nonce, nonce_len); | |
210 | ||
211 | tpm_buf_append_u8(buf, attributes); | |
212 | tpm_buf_append_u16(buf, hmac_len); | |
213 | ||
214 | if (hmac && hmac_len) | |
215 | tpm_buf_append(buf, hmac, hmac_len); | |
216 | } | |
217 | ||
218 | /** | |
219 | * tpm2_seal_trusted() - seal the payload of a trusted key | |
220 | * | |
221 | * @chip: TPM chip to use | |
222 | * @payload: the key data in clear and encrypted form | |
223 | * @options: authentication values and other options | |
224 | * | |
225 | * Return: < 0 on error and 0 on success. | |
226 | */ | |
227 | int tpm2_seal_trusted(struct tpm_chip *chip, | |
228 | struct trusted_key_payload *payload, | |
229 | struct trusted_key_options *options) | |
230 | { | |
40813f18 JS |
231 | off_t offset = TPM_HEADER_SIZE; |
232 | struct tpm_buf buf, sized; | |
f2219745 | 233 | int blob_len = 0; |
2e19e101 | 234 | u32 hash; |
e5fb5d2c | 235 | u32 flags; |
2e19e101 SG |
236 | int i; |
237 | int rc; | |
238 | ||
239 | for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { | |
240 | if (options->hash == tpm2_hash_map[i].crypto_id) { | |
241 | hash = tpm2_hash_map[i].tpm_id; | |
242 | break; | |
243 | } | |
244 | } | |
245 | ||
246 | if (i == ARRAY_SIZE(tpm2_hash_map)) | |
247 | return -EINVAL; | |
248 | ||
f2219745 JB |
249 | if (!options->keyhandle) |
250 | return -EINVAL; | |
251 | ||
9d5171ea | 252 | rc = tpm_try_get_ops(chip); |
2e19e101 SG |
253 | if (rc) |
254 | return rc; | |
255 | ||
52ce7d97 JB |
256 | rc = tpm2_start_auth_session(chip); |
257 | if (rc) | |
258 | goto out_put; | |
259 | ||
8c657a05 JS |
260 | rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE); |
261 | if (rc) { | |
52ce7d97 JB |
262 | tpm2_end_auth_session(chip); |
263 | goto out_put; | |
8c657a05 JS |
264 | } |
265 | ||
40813f18 JS |
266 | rc = tpm_buf_init_sized(&sized); |
267 | if (rc) { | |
268 | tpm_buf_destroy(&buf); | |
52ce7d97 JB |
269 | tpm2_end_auth_session(chip); |
270 | goto out_put; | |
40813f18 JS |
271 | } |
272 | ||
52ce7d97 JB |
273 | tpm_buf_append_name(chip, &buf, options->keyhandle, NULL); |
274 | tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_DECRYPT, | |
275 | options->keyauth, TPM_DIGEST_SIZE); | |
2e19e101 SG |
276 | |
277 | /* sensitive */ | |
40813f18 | 278 | tpm_buf_append_u16(&sized, options->blobauth_len); |
de66514d | 279 | |
de66514d | 280 | if (options->blobauth_len) |
40813f18 | 281 | tpm_buf_append(&sized, options->blobauth, options->blobauth_len); |
2e19e101 | 282 | |
40813f18 JS |
283 | tpm_buf_append_u16(&sized, payload->key_len); |
284 | tpm_buf_append(&sized, payload->key, payload->key_len); | |
285 | tpm_buf_append(&buf, sized.data, sized.length); | |
2e19e101 SG |
286 | |
287 | /* public */ | |
40813f18 JS |
288 | tpm_buf_reset_sized(&sized); |
289 | tpm_buf_append_u16(&sized, TPM_ALG_KEYEDHASH); | |
290 | tpm_buf_append_u16(&sized, hash); | |
2e19e101 | 291 | |
e5fb5d2c JB |
292 | /* key properties */ |
293 | flags = 0; | |
294 | flags |= options->policydigest_len ? 0 : TPM2_OA_USER_WITH_AUTH; | |
40813f18 JS |
295 | flags |= payload->migratable ? 0 : (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT); |
296 | tpm_buf_append_u32(&sized, flags); | |
e5fb5d2c | 297 | |
2e19e101 | 298 | /* policy */ |
40813f18 | 299 | tpm_buf_append_u16(&sized, options->policydigest_len); |
e5fb5d2c | 300 | if (options->policydigest_len) |
40813f18 | 301 | tpm_buf_append(&sized, options->policydigest, options->policydigest_len); |
2e19e101 SG |
302 | |
303 | /* public parameters */ | |
40813f18 JS |
304 | tpm_buf_append_u16(&sized, TPM_ALG_NULL); |
305 | tpm_buf_append_u16(&sized, 0); | |
306 | ||
307 | tpm_buf_append(&buf, sized.data, sized.length); | |
2e19e101 SG |
308 | |
309 | /* outside info */ | |
310 | tpm_buf_append_u16(&buf, 0); | |
311 | ||
312 | /* creation PCR */ | |
313 | tpm_buf_append_u32(&buf, 0); | |
314 | ||
315 | if (buf.flags & TPM_BUF_OVERFLOW) { | |
316 | rc = -E2BIG; | |
52ce7d97 | 317 | tpm2_end_auth_session(chip); |
2e19e101 SG |
318 | goto out; |
319 | } | |
320 | ||
52ce7d97 | 321 | tpm_buf_fill_hmac_session(chip, &buf); |
8c657a05 | 322 | rc = tpm_transmit_cmd(chip, &buf, 4, "sealing data"); |
52ce7d97 | 323 | rc = tpm_buf_check_hmac_response(chip, &buf, rc); |
2e19e101 SG |
324 | if (rc) |
325 | goto out; | |
326 | ||
40813f18 JS |
327 | blob_len = tpm_buf_read_u32(&buf, &offset); |
328 | if (blob_len > MAX_BLOB_SIZE || buf.flags & TPM_BUF_BOUNDARY_ERROR) { | |
2e19e101 SG |
329 | rc = -E2BIG; |
330 | goto out; | |
331 | } | |
40813f18 | 332 | if (buf.length - offset < blob_len) { |
2e19e101 SG |
333 | rc = -EFAULT; |
334 | goto out; | |
335 | } | |
336 | ||
40813f18 | 337 | blob_len = tpm2_key_encode(payload, options, &buf.data[offset], blob_len); |
2e19e101 SG |
338 | |
339 | out: | |
40813f18 | 340 | tpm_buf_destroy(&sized); |
2e19e101 SG |
341 | tpm_buf_destroy(&buf); |
342 | ||
343 | if (rc > 0) { | |
344 | if (tpm2_rc_value(rc) == TPM2_RC_HASH) | |
345 | rc = -EINVAL; | |
346 | else | |
347 | rc = -EPERM; | |
348 | } | |
f2219745 | 349 | if (blob_len < 0) |
b3ad7855 BB |
350 | rc = blob_len; |
351 | else | |
352 | payload->blob_len = blob_len; | |
2e19e101 | 353 | |
52ce7d97 | 354 | out_put: |
8c657a05 | 355 | tpm_put_ops(chip); |
2e19e101 SG |
356 | return rc; |
357 | } | |
358 | ||
359 | /** | |
360 | * tpm2_load_cmd() - execute a TPM2_Load command | |
361 | * | |
362 | * @chip: TPM chip to use | |
363 | * @payload: the key data in clear and encrypted form | |
364 | * @options: authentication values and other options | |
365 | * @blob_handle: returned blob handle | |
366 | * | |
367 | * Return: 0 on success. | |
368 | * -E2BIG on wrong payload size. | |
369 | * -EPERM on tpm error status. | |
370 | * < 0 error from tpm_send. | |
371 | */ | |
372 | static int tpm2_load_cmd(struct tpm_chip *chip, | |
373 | struct trusted_key_payload *payload, | |
374 | struct trusted_key_options *options, | |
375 | u32 *blob_handle) | |
376 | { | |
377 | struct tpm_buf buf; | |
378 | unsigned int private_len; | |
379 | unsigned int public_len; | |
380 | unsigned int blob_len; | |
e5fb5d2c | 381 | u8 *blob, *pub; |
2e19e101 | 382 | int rc; |
e5fb5d2c | 383 | u32 attrs; |
2e19e101 | 384 | |
f2219745 JB |
385 | rc = tpm2_key_decode(payload, options, &blob); |
386 | if (rc) { | |
387 | /* old form */ | |
388 | blob = payload->blob; | |
389 | payload->old_format = 1; | |
390 | } | |
391 | ||
392 | /* new format carries keyhandle but old format doesn't */ | |
393 | if (!options->keyhandle) | |
394 | return -EINVAL; | |
2e19e101 | 395 | |
f2219745 JB |
396 | /* must be big enough for at least the two be16 size counts */ |
397 | if (payload->blob_len < 4) | |
398 | return -EINVAL; | |
399 | ||
400 | private_len = get_unaligned_be16(blob); | |
401 | ||
402 | /* must be big enough for following public_len */ | |
403 | if (private_len + 2 + 2 > (payload->blob_len)) | |
404 | return -E2BIG; | |
405 | ||
406 | public_len = get_unaligned_be16(blob + 2 + private_len); | |
407 | if (private_len + 2 + public_len + 2 > payload->blob_len) | |
2e19e101 SG |
408 | return -E2BIG; |
409 | ||
e5fb5d2c JB |
410 | pub = blob + 2 + private_len + 2; |
411 | /* key attributes are always at offset 4 */ | |
412 | attrs = get_unaligned_be32(pub + 4); | |
413 | ||
414 | if ((attrs & (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT)) == | |
415 | (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT)) | |
416 | payload->migratable = 0; | |
417 | else | |
418 | payload->migratable = 1; | |
419 | ||
2e19e101 SG |
420 | blob_len = private_len + public_len + 4; |
421 | if (blob_len > payload->blob_len) | |
422 | return -E2BIG; | |
423 | ||
52ce7d97 | 424 | rc = tpm2_start_auth_session(chip); |
2e19e101 SG |
425 | if (rc) |
426 | return rc; | |
427 | ||
52ce7d97 JB |
428 | rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD); |
429 | if (rc) { | |
430 | tpm2_end_auth_session(chip); | |
431 | return rc; | |
432 | } | |
433 | ||
434 | tpm_buf_append_name(chip, &buf, options->keyhandle, NULL); | |
435 | tpm_buf_append_hmac_session(chip, &buf, 0, options->keyauth, | |
436 | TPM_DIGEST_SIZE); | |
2e19e101 | 437 | |
f2219745 | 438 | tpm_buf_append(&buf, blob, blob_len); |
2e19e101 SG |
439 | |
440 | if (buf.flags & TPM_BUF_OVERFLOW) { | |
441 | rc = -E2BIG; | |
52ce7d97 | 442 | tpm2_end_auth_session(chip); |
2e19e101 SG |
443 | goto out; |
444 | } | |
445 | ||
52ce7d97 | 446 | tpm_buf_fill_hmac_session(chip, &buf); |
8c657a05 | 447 | rc = tpm_transmit_cmd(chip, &buf, 4, "loading blob"); |
52ce7d97 | 448 | rc = tpm_buf_check_hmac_response(chip, &buf, rc); |
2e19e101 SG |
449 | if (!rc) |
450 | *blob_handle = be32_to_cpup( | |
451 | (__be32 *) &buf.data[TPM_HEADER_SIZE]); | |
452 | ||
453 | out: | |
f2219745 JB |
454 | if (blob != payload->blob) |
455 | kfree(blob); | |
2e19e101 SG |
456 | tpm_buf_destroy(&buf); |
457 | ||
458 | if (rc > 0) | |
459 | rc = -EPERM; | |
460 | ||
461 | return rc; | |
462 | } | |
463 | ||
464 | /** | |
465 | * tpm2_unseal_cmd() - execute a TPM2_Unload command | |
466 | * | |
467 | * @chip: TPM chip to use | |
468 | * @payload: the key data in clear and encrypted form | |
469 | * @options: authentication values and other options | |
470 | * @blob_handle: blob handle | |
471 | * | |
472 | * Return: 0 on success | |
473 | * -EPERM on tpm error status | |
474 | * < 0 error from tpm_send | |
475 | */ | |
476 | static int tpm2_unseal_cmd(struct tpm_chip *chip, | |
477 | struct trusted_key_payload *payload, | |
478 | struct trusted_key_options *options, | |
479 | u32 blob_handle) | |
480 | { | |
481 | struct tpm_buf buf; | |
482 | u16 data_len; | |
483 | u8 *data; | |
484 | int rc; | |
485 | ||
52ce7d97 | 486 | rc = tpm2_start_auth_session(chip); |
2e19e101 SG |
487 | if (rc) |
488 | return rc; | |
489 | ||
52ce7d97 JB |
490 | rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL); |
491 | if (rc) { | |
492 | tpm2_end_auth_session(chip); | |
493 | return rc; | |
494 | } | |
495 | ||
496 | tpm_buf_append_name(chip, &buf, blob_handle, NULL); | |
497 | ||
498 | if (!options->policyhandle) { | |
499 | tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_ENCRYPT, | |
500 | options->blobauth, | |
501 | options->blobauth_len); | |
502 | } else { | |
503 | /* | |
504 | * FIXME: The policy session was generated outside the | |
505 | * kernel so we don't known the nonce and thus can't | |
506 | * calculate a HMAC on it. Therefore, the user can | |
507 | * only really use TPM2_PolicyPassword and we must | |
508 | * send down the plain text password, which could be | |
509 | * intercepted. We can still encrypt the returned | |
510 | * key, but that's small comfort since the interposer | |
511 | * could repeat our actions with the exfiltrated | |
512 | * password. | |
513 | */ | |
514 | tpm2_buf_append_auth(&buf, options->policyhandle, | |
515 | NULL /* nonce */, 0, 0, | |
516 | options->blobauth, options->blobauth_len); | |
517 | tpm_buf_append_hmac_session_opt(chip, &buf, TPM2_SA_ENCRYPT, | |
518 | NULL, 0); | |
519 | } | |
2e19e101 | 520 | |
52ce7d97 | 521 | tpm_buf_fill_hmac_session(chip, &buf); |
8c657a05 | 522 | rc = tpm_transmit_cmd(chip, &buf, 6, "unsealing"); |
52ce7d97 | 523 | rc = tpm_buf_check_hmac_response(chip, &buf, rc); |
2e19e101 SG |
524 | if (rc > 0) |
525 | rc = -EPERM; | |
526 | ||
527 | if (!rc) { | |
528 | data_len = be16_to_cpup( | |
529 | (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]); | |
e5fb5d2c | 530 | if (data_len < MIN_KEY_SIZE || data_len > MAX_KEY_SIZE) { |
2e19e101 SG |
531 | rc = -EFAULT; |
532 | goto out; | |
533 | } | |
534 | ||
535 | if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 6 + data_len) { | |
536 | rc = -EFAULT; | |
537 | goto out; | |
538 | } | |
539 | data = &buf.data[TPM_HEADER_SIZE + 6]; | |
540 | ||
e5fb5d2c JB |
541 | if (payload->old_format) { |
542 | /* migratable flag is at the end of the key */ | |
543 | memcpy(payload->key, data, data_len - 1); | |
544 | payload->key_len = data_len - 1; | |
545 | payload->migratable = data[data_len - 1]; | |
546 | } else { | |
547 | /* | |
548 | * migratable flag already collected from key | |
549 | * attributes | |
550 | */ | |
551 | memcpy(payload->key, data, data_len); | |
552 | payload->key_len = data_len; | |
553 | } | |
2e19e101 SG |
554 | } |
555 | ||
556 | out: | |
557 | tpm_buf_destroy(&buf); | |
558 | return rc; | |
559 | } | |
560 | ||
561 | /** | |
562 | * tpm2_unseal_trusted() - unseal the payload of a trusted key | |
563 | * | |
564 | * @chip: TPM chip to use | |
565 | * @payload: the key data in clear and encrypted form | |
566 | * @options: authentication values and other options | |
567 | * | |
568 | * Return: Same as with tpm_send. | |
569 | */ | |
570 | int tpm2_unseal_trusted(struct tpm_chip *chip, | |
571 | struct trusted_key_payload *payload, | |
572 | struct trusted_key_options *options) | |
573 | { | |
574 | u32 blob_handle; | |
575 | int rc; | |
576 | ||
8c657a05 | 577 | rc = tpm_try_get_ops(chip); |
2e19e101 SG |
578 | if (rc) |
579 | return rc; | |
580 | ||
8c657a05 JS |
581 | rc = tpm2_load_cmd(chip, payload, options, &blob_handle); |
582 | if (rc) | |
583 | goto out; | |
584 | ||
2e19e101 | 585 | rc = tpm2_unseal_cmd(chip, payload, options, blob_handle); |
45477b3f | 586 | tpm2_flush_context(chip, blob_handle); |
2e19e101 | 587 | |
8c657a05 JS |
588 | out: |
589 | tpm_put_ops(chip); | |
590 | ||
2e19e101 SG |
591 | return rc; |
592 | } |