Merge pull request #307 from ionut-arm/no-ref

Update API to take ownership where needed

Author: Superhepper

tss-esapi/src/abstraction/ak.rs

@@ -67,7 +67,7 @@ fn create_ak_public<IKC: IntoKeyCustomization>(
                     .with_restricted(obj_attrs.restricted())
                     .build()?,
             )
-            .with_rsa_unique_identifier(&PublicKeyRsa::default())
+            .with_rsa_unique_identifier(PublicKeyRsa::default())
             .build(),
         AsymmetricAlgorithm::Ecc => PublicBuilder::new()
             .with_public_algorithm(PublicAlgorithm::Ecc)
@@ -97,7 +97,7 @@ fn create_ak_public<IKC: IntoKeyCustomization>(
 pub fn load_ak(
     context: &mut Context,
     parent: KeyHandle,
-    ak_auth_value: Option<&Auth>,
+    ak_auth_value: Option<Auth>,
     private: Private,
     public: Public,
 ) -> Result<KeyHandle> {
@@ -137,7 +137,7 @@ pub fn load_ak(
             })?;
 
             ctx.execute_with_session(Some(policy_auth_session), |ctx| {
-                ctx.load(parent, private, &public)
+                ctx.load(parent, private, public)
             })
         },
     )?;
@@ -155,7 +155,7 @@ pub fn create_ak<IKC: IntoKeyCustomization>(
     parent: KeyHandle,
     hash_alg: HashingAlgorithm,
     sign_alg: SignatureSchemeAlgorithm,
-    ak_auth_value: Option<&Auth>,
+    ak_auth_value: Option<Auth>,
     key_customization: IKC,
 ) -> Result<CreateKeyResult> {
     let key_alg = AsymmetricAlgorithm::try_from(sign_alg).map_err(|e| {
@@ -202,7 +202,7 @@ pub fn create_ak<IKC: IntoKeyCustomization>(
             })?;
 
             ctx.execute_with_session(Some(policy_auth_session), |ctx| {
-                ctx.create(parent, &ak_pub, ak_auth_value, None, None, None)
+                ctx.create(parent, ak_pub, ak_auth_value, None, None, None)
             })
         },
     )

tss-esapi/src/abstraction/ek.rs

@@ -69,7 +69,7 @@ pub fn create_ek_public_from_default_template<IKC: IntoKeyCustomization>(
             .with_public_algorithm(PublicAlgorithm::Rsa)
             .with_name_hashing_algorithm(HashingAlgorithm::Sha256)
             .with_object_attributes(obj_attrs)
-            .with_auth_policy(&Digest::try_from(authpolicy[0..32].to_vec())?)
+            .with_auth_policy(Digest::try_from(authpolicy[0..32].to_vec())?)
             .with_rsa_parameters(
                 PublicRsaParametersBuilder::new()
                     .with_symmetric(SymmetricDefinitionObject::AES_128_CFB)
@@ -81,12 +81,12 @@ pub fn create_ek_public_from_default_template<IKC: IntoKeyCustomization>(
                     .with_restricted(obj_attrs.decrypt())
                     .build()?,
             )
-            .with_rsa_unique_identifier(&PublicKeyRsa::new_empty_with_size(RsaKeyBits::Rsa2048)),
+            .with_rsa_unique_identifier(PublicKeyRsa::new_empty_with_size(RsaKeyBits::Rsa2048)),
         AsymmetricAlgorithm::Ecc => PublicBuilder::new()
             .with_public_algorithm(PublicAlgorithm::Ecc)
             .with_name_hashing_algorithm(HashingAlgorithm::Sha256)
             .with_object_attributes(obj_attrs)
-            .with_auth_policy(&Digest::try_from(authpolicy[0..32].to_vec())?)
+            .with_auth_policy(Digest::try_from(authpolicy[0..32].to_vec())?)
             .with_ecc_parameters(
                 PublicEccParametersBuilder::new()
                     .with_symmetric(SymmetricDefinitionObject::AES_128_CFB)
@@ -98,7 +98,7 @@ pub fn create_ek_public_from_default_template<IKC: IntoKeyCustomization>(
                     .with_restricted(obj_attrs.decrypt())
                     .build()?,
             )
-            .with_ecc_unique_identifier(&EccPoint::new(
+            .with_ecc_unique_identifier(EccPoint::new(
                 EccParameter::try_from(vec![0u8; 32])?,
                 EccParameter::try_from(vec![0u8; 32])?,
             )),
@@ -126,7 +126,7 @@ pub fn create_ek_object<IKC: IntoKeyCustomization>(
 
     Ok(context
         .execute_with_nullauth_session(|ctx| {
-            ctx.create_primary(Hierarchy::Endorsement, &ek_public, None, None, None, None)
+            ctx.create_primary(Hierarchy::Endorsement, ek_public, None, None, None, None)
         })?
         .key_handle)
 }

tss-esapi/src/abstraction/pcr.rs

@@ -63,7 +63,7 @@ pub fn read_all(
 ) -> Result<PcrData> {
     let mut pcr_data = PcrData::new();
     while !pcr_selection_list.is_empty() {
-        let (_, pcrs_read, pcr_digests) = context.pcr_read(&pcr_selection_list)?;
+        let (_, pcrs_read, pcr_digests) = context.pcr_read(pcr_selection_list.clone())?;
         pcr_data.add(&pcrs_read, &pcr_digests)?;
         pcr_selection_list.subtract(&pcrs_read)?;
     }

tss-esapi/src/abstraction/transient/mod.rs

@@ -154,8 +154,8 @@ impl TransientKeyContext {
             ..
         } = self.context.create(
             self.root_key_handle,
-            &TransientKeyContext::get_public_from_params(key_params, None)?,
-            key_auth.as_ref(),
+            TransientKeyContext::get_public_from_params(key_params, None)?,
+            key_auth.clone(),
             None,
             None,
             None,
@@ -180,7 +180,7 @@ impl TransientKeyContext {
         self.set_session_attrs()?;
         let key_handle = self
             .context
-            .load_external_public(&public, Hierarchy::Owner)?;
+            .load_external_public(public, Hierarchy::Owner)?;
         self.context.flush_context(key_handle.into())?;
         Ok(KeyMaterial {
             public: public_key,
@@ -286,7 +286,7 @@ impl TransientKeyContext {
             .context
             .sign(
                 key_handle,
-                &digest,
+                digest,
                 SignatureScheme::Null,
                 validation.try_into()?,
             )
@@ -317,7 +317,7 @@ impl TransientKeyContext {
         self.set_session_attrs()?;
         let verified = self
             .context
-            .verify_signature(key_handle, &digest, signature)
+            .verify_signature(key_handle, digest, signature)
             .or_else(|e| {
                 self.context.flush_context(key_handle.into())?;
                 Err(e)
@@ -341,7 +341,7 @@ impl TransientKeyContext {
     ) -> Result<KeyMaterial> {
         self.set_session_attrs()?;
         let key_handle = self.context.context_load(context).map(KeyHandle::from)?;
-        if let Some(key_auth_value) = &auth {
+        if let Some(key_auth_value) = auth.clone() {
             self.context
                 .tr_set_auth(key_handle.into(), key_auth_value)
                 .or_else(|e| {
@@ -466,7 +466,7 @@ impl TransientKeyContext {
                             .with_restricted(false)
                             .build()?,
                     )
-                    .with_rsa_unique_identifier(&unique);
+                    .with_rsa_unique_identifier(unique);
             }
             KeyParams::Ecc { scheme, curve } => {
                 let unique = pub_key
@@ -484,7 +484,7 @@ impl TransientKeyContext {
                         PublicEccParametersBuilder::new_unrestricted_signing_key(scheme, curve)
                             .build()?,
                     )
-                    .with_ecc_unique_identifier(&unique);
+                    .with_ecc_unique_identifier(unique);
             }
         }
         pub_builder.build()
@@ -504,16 +504,16 @@ impl TransientKeyContext {
         self.set_session_attrs()?;
         let key_handle = if material.private.is_empty() {
             self.context
-                .load_external_public(&public, Hierarchy::Owner)?
+                .load_external_public(public, Hierarchy::Owner)?
         } else {
             self.context
-                .load(self.root_key_handle, material.private.try_into()?, &public)
+                .load(self.root_key_handle, material.private.try_into()?, public)
                 .map(KeyHandle::from)?
         };
         let key_auth_value = auth.unwrap_or_default();
         if !key_auth_value.is_empty() {
             self.context
-                .tr_set_auth(key_handle.into(), &key_auth_value)
+                .tr_set_auth(key_handle.into(), key_auth_value)
                 .or_else(|e| {
                     self.context.flush_context(key_handle.into())?;
                     Err(e)
@@ -646,7 +646,7 @@ impl TransientKeyContextBuilder {
 
         for (hierarchy, auth) in self.hierarchy_auth.drain() {
             let auth_hierarchy = Auth::try_from(auth)?;
-            context.tr_set_auth(hierarchy.into(), &auth_hierarchy)?;
+            context.tr_set_auth(hierarchy.into(), auth_hierarchy)?;
         }
 
         let session = context
@@ -674,12 +674,12 @@ impl TransientKeyContextBuilder {
         let root_key_handle = context
             .create_primary(
                 self.root_hierarchy,
-                &create_restricted_decryption_rsa_public(
+                create_restricted_decryption_rsa_public(
                     self.default_context_cipher,
                     root_key_rsa_key_bits,
                     RsaExponent::ZERO_EXPONENT,
                 )?,
-                root_key_auth.as_ref(),
+                root_key_auth,
                 None,
                 None,
                 None,

tss-esapi/src/context/general_esys_tr.rs

@@ -20,8 +20,8 @@ use zeroize::Zeroize;
 
 impl Context {
     /// Set the authentication value for a given object handle in the ESYS context.
-    pub fn tr_set_auth(&mut self, object_handle: ObjectHandle, auth: &Auth) -> Result<()> {
-        let mut tss_auth = auth.clone().into();
+    pub fn tr_set_auth(&mut self, object_handle: ObjectHandle, auth: Auth) -> Result<()> {
+        let mut tss_auth = auth.into();
         let ret = unsafe { Esys_TR_SetAuth(self.mut_context(), object_handle.into(), &tss_auth) };
         tss_auth.buffer.zeroize();
         let ret = Error::from_tss_rc(ret);

tss-esapi/src/context/tpm_commands/asymmetric_primitives.rs

@@ -166,15 +166,15 @@ impl Context {
     ///     .with_name_hashing_algorithm(HashingAlgorithm::Sha256)
     ///     .with_object_attributes(object_attributes)
     ///     .with_ecc_parameters(ecc_parms)
-    ///     .with_ecc_unique_identifier(&EccPoint::default())
+    ///     .with_ecc_unique_identifier(EccPoint::default())
     ///     .build()
     ///     .unwrap();
     ///
     /// let key_handle = context
     ///     .create_primary(
     ///         Hierarchy::Owner,
-    ///         &public,
-    ///         Some(&key_auth),
+    ///         public,
+    ///         Some(key_auth),
     ///         None,
     ///         None,
     ///         None,
@@ -298,15 +298,15 @@ impl Context {
     ///     .with_name_hashing_algorithm(HashingAlgorithm::Sha256)
     ///     .with_object_attributes(object_attributes)
     ///     .with_ecc_parameters(ecc_parms)
-    ///     .with_ecc_unique_identifier(&EccPoint::default())
+    ///     .with_ecc_unique_identifier(EccPoint::default())
     ///     .build()
     ///     .unwrap();
     ///
     /// let key_handle = context
     ///     .create_primary(
     ///         Hierarchy::Owner,
-    ///         &public,
-    ///         Some(&key_auth),
+    ///         public,
+    ///         Some(key_auth),
     ///         None,
     ///         None,
     ///         None,

tss-esapi/src/context/tpm_commands/attestation_commands.rs

@@ -73,7 +73,7 @@ impl Context {
     /// # .expect("Failed to create an unrestricted signing rsa public structure");
     /// # let sign_key_handle = context
     /// #     .execute_with_nullauth_session(|ctx| {
-    /// #         ctx.create_primary(Hierarchy::Owner, &signing_key_pub, None, None, None, None)
+    /// #         ctx.create_primary(Hierarchy::Owner, signing_key_pub, None, None, None, None)
     /// #     })
     /// #     .unwrap()
     /// #     .key_handle;
@@ -89,7 +89,7 @@ impl Context {
     /// #     .execute_with_nullauth_session(|ctx| {
     /// #         ctx.create_primary(
     /// #             Hierarchy::Owner,
-    /// #             &decryption_key_pub,
+    /// #             decryption_key_pub,
     /// #             None,
     /// #             None,
     /// #             None,
@@ -109,7 +109,7 @@ impl Context {
     ///             ctx.certify(
     ///                 obj_key_handle.into(),
     ///                 sign_key_handle,
-    ///                 &Data::try_from(qualifying_data).unwrap(),
+    ///                 Data::try_from(qualifying_data).unwrap(),
     ///                 SignatureScheme::Null,
     ///             )
     ///         },
@@ -120,7 +120,7 @@ impl Context {
         &mut self,
         object_handle: ObjectHandle,
         signing_key_handle: KeyHandle,
-        qualifying_data: &Data,
+        qualifying_data: Data,
         signing_scheme: SignatureScheme,
     ) -> Result<(Attest, Signature)> {
         let mut certify_info = null_mut();
@@ -133,7 +133,7 @@ impl Context {
                 self.required_session_1()?,
                 self.required_session_2()?,
                 self.optional_session_3(),
-                &qualifying_data.clone().into(),
+                &qualifying_data.into(),
                 &signing_scheme.into(),
                 &mut certify_info,
                 &mut signature,
@@ -163,7 +163,7 @@ impl Context {
     pub fn quote(
         &mut self,
         signing_key_handle: KeyHandle,
-        qualifying_data: &Data,
+        qualifying_data: Data,
         signing_scheme: SignatureScheme,
         pcr_selection_list: PcrSelectionList,
     ) -> Result<(Attest, Signature)> {
@@ -176,7 +176,7 @@ impl Context {
                 self.optional_session_1(),
                 self.optional_session_2(),
                 self.optional_session_3(),
-                &qualifying_data.clone().into(),
+                &qualifying_data.into(),
                 &signing_scheme.into(),
                 &pcr_selection_list.into(),
                 &mut quoted,

tss-esapi/src/context/tpm_commands/context_management.rs

@@ -125,8 +125,8 @@ impl Context {
     ///     let key_handle = ctx
     ///         .create_primary(
     ///             Hierarchy::Owner,
-    ///             &public_area,
-    ///             Some(&key_auth),
+    ///             public_area,
+    ///             Some(key_auth),
     ///             None,
     ///             None,
     ///             None,
@@ -245,12 +245,12 @@ impl Context {
     /// #    ctx
     /// #        .create_primary(
     /// #            Hierarchy::Owner,
-    /// #            &create_restricted_decryption_rsa_public(
+    /// #            create_restricted_decryption_rsa_public(
     /// #               SymmetricDefinitionObject::AES_256_CFB,
     /// #               RsaKeyBits::Rsa2048,
     /// #               RsaExponent::default(),
     /// #            ).expect("Failed to Public structure for key"),
-    /// #            Some(auth_value_primary).as_ref(),
+    /// #            Some(auth_value_primary),
     /// #            None,
     /// #            None,
     /// #            None,
@@ -364,12 +364,12 @@ impl Context {
     /// #    ctx
     /// #        .create_primary(
     /// #            Hierarchy::Owner,
-    /// #            &create_restricted_decryption_rsa_public(
+    /// #            create_restricted_decryption_rsa_public(
     /// #               SymmetricDefinitionObject::AES_256_CFB,
     /// #               RsaKeyBits::Rsa2048,
     /// #               RsaExponent::default(),
     /// #            ).expect("Failed to Public structure for key"),
-    /// #            Some(auth_value_primary).as_ref(),
+    /// #            Some(auth_value_primary),
     /// #            None,
     /// #            None,
     /// #            None,