Improves 'use' and naming in context methods.

Removes all 'use crate::tss2_esys::*' and replaces it with more
specific use declarations that only imports with module needs.

Makes the naming of variables in the context methods more consistent by
allways using the name that are snake case versions of the names used
in the declaration of the Tss_Esys-functions.
A '_ptr' suffix is used when it is a variable that will contain
a pointer to a memory that is not freed by the tpm2-tss library.

Makes use of the YesNo interface for handling the conversions from bool
to TPMI_YES_NO.

Signed-off-by: Jesper Brynolf <[email protected]>

Author: Superhepper

tss-esapi/src/context/general_esys_tr.rs

@@ -6,10 +6,7 @@ use crate::{
     handles::{handle_conversion::TryIntoNotNone, TpmHandle},
     structures::Auth,
     structures::Name,
-    tss2_esys::{
-        Esys_TR_Close, Esys_TR_FromTPMPublic, Esys_TR_GetName, Esys_TR_SetAuth, ESYS_TR,
-        ESYS_TR_NONE, TPM2B_NAME,
-    },
+    tss2_esys::{Esys_TR_Close, Esys_TR_FromTPMPublic, Esys_TR_GetName, Esys_TR_SetAuth},
     Context, Error, Result,
 };
 use log::error;
@@ -21,9 +18,9 @@ use zeroize::Zeroize;
 impl Context {
     /// Set the authentication value for a given object handle in the ESYS context.
     pub fn tr_set_auth(&mut self, object_handle: ObjectHandle, auth: Auth) -> Result<()> {
-        let mut tss_auth = auth.into();
-        let ret = unsafe { Esys_TR_SetAuth(self.mut_context(), object_handle.into(), &tss_auth) };
-        tss_auth.buffer.zeroize();
+        let mut auth_value = auth.into();
+        let ret = unsafe { Esys_TR_SetAuth(self.mut_context(), object_handle.into(), &auth_value) };
+        auth_value.buffer.zeroize();
         let ret = Error::from_tss_rc(ret);
         if ret.is_success() {
             Ok(())
@@ -35,12 +32,13 @@ impl Context {
 
     /// Retrieve the name of an object from the object handle
     pub fn tr_get_name(&mut self, object_handle: ObjectHandle) -> Result<Name> {
-        let mut name = null_mut();
-        let ret = unsafe { Esys_TR_GetName(self.mut_context(), object_handle.into(), &mut name) };
+        let mut name_ptr = null_mut();
+        let ret =
+            unsafe { Esys_TR_GetName(self.mut_context(), object_handle.into(), &mut name_ptr) };
         let ret = Error::from_tss_rc(ret);
         if ret.is_success() {
-            let tss_name = unsafe { MBox::<TPM2B_NAME>::from_raw(name) };
-            Ok(Name::try_from(*tss_name)?)
+            let name = unsafe { MBox::from_raw(name_ptr) };
+            Ok(Name::try_from(*name)?)
         } else {
             error!("Error in getting name: {}", ret);
             Err(ret)
@@ -49,29 +47,28 @@ impl Context {
 
     /// Used to construct an esys object from the resources inside the TPM.
     pub fn tr_from_tpm_public(&mut self, tpm_handle: TpmHandle) -> Result<ObjectHandle> {
-        let mut esys_object_handle: ESYS_TR = ESYS_TR_NONE;
+        let mut object = ObjectHandle::None.into();
         let ret = unsafe {
             Esys_TR_FromTPMPublic(
                 self.mut_context(),
                 tpm_handle.into(),
                 self.optional_session_1(),
                 self.optional_session_2(),
                 self.optional_session_3(),
-                &mut esys_object_handle,
+                &mut object,
             )
         };
         let ret = Error::from_tss_rc(ret);
         if ret.is_success() {
-            let object_handle = ObjectHandle::from(esys_object_handle);
             self.handle_manager.add_handle(
-                object_handle,
+                object.into(),
                 if tpm_handle.may_be_flushed() {
                     HandleDropAction::Flush
                 } else {
                     HandleDropAction::Close
                 },
             )?;
-            Ok(object_handle)
+            Ok(object.into())
         } else {
             error!("Error when getting ESYS handle from TPM handle: {}", ret);
             Err(ret)
@@ -82,12 +79,12 @@ impl Context {
     ///
     /// This is useful for cleaning up handles for which the context cannot be flushed.
     pub fn tr_close(&mut self, object_handle: &mut ObjectHandle) -> Result<()> {
-        let mut tss_esys_object_handle = object_handle.try_into_not_none()?;
-        let ret = unsafe { Esys_TR_Close(self.mut_context(), &mut tss_esys_object_handle) };
+        let mut rsrc_handle = object_handle.try_into_not_none()?;
+        let ret = unsafe { Esys_TR_Close(self.mut_context(), &mut rsrc_handle) };
         let ret = Error::from_tss_rc(ret);
         if ret.is_success() {
             self.handle_manager.set_as_closed(*object_handle)?;
-            *object_handle = ObjectHandle::from(tss_esys_object_handle);
+            *object_handle = ObjectHandle::from(rsrc_handle);
             Ok(())
         } else {
             error!("Error when closing an ESYS handle: {}", ret);

tss-esapi/src/context/session_administration.rs

@@ -4,7 +4,7 @@ use crate::{
     attributes::{SessionAttributes, SessionAttributesMask},
     handles::SessionHandle,
     interface_types::session_handles::AuthSession,
-    tss2_esys::{Esys_TRSess_GetAttributes, Esys_TRSess_SetAttributes, TPMA_SESSION},
+    tss2_esys::{Esys_TRSess_GetAttributes, Esys_TRSess_SetAttributes},
     Context, Error, Result,
 };
 use log::error;
@@ -36,7 +36,7 @@ impl Context {
 
     /// Get session attribute flags.
     pub fn tr_sess_get_attributes(&mut self, session: AuthSession) -> Result<SessionAttributes> {
-        let mut flags: TPMA_SESSION = 0;
+        let mut flags = 0;
         let ret = unsafe {
             Esys_TRSess_GetAttributes(
                 self.mut_context(),

tss-esapi/src/context/tpm_commands/asymmetric_primitives.rs

@@ -4,12 +4,11 @@ use crate::{
     handles::KeyHandle,
     structures::Data,
     structures::{EccPoint, PublicKeyRsa, RsaDecryptionScheme},
-    tss2_esys::*,
+    tss2_esys::{Esys_ECDH_KeyGen, Esys_ECDH_ZGen, Esys_RSA_Decrypt, Esys_RSA_Encrypt},
     Context, Error, Result,
 };
 use log::error;
-use std::convert::TryFrom;
-use std::convert::TryInto;
+use std::convert::{TryFrom, TryInto};
 use std::ptr::null_mut;
 
 impl Context {
@@ -21,7 +20,7 @@ impl Context {
         in_scheme: RsaDecryptionScheme,
         label: Data,
     ) -> Result<PublicKeyRsa> {
-        let mut out_data = null_mut();
+        let mut out_data_ptr = null_mut();
         let ret = unsafe {
             Esys_RSA_Encrypt(
                 self.mut_context(),
@@ -32,13 +31,13 @@ impl Context {
                 &message.into(),
                 &in_scheme.into(),
                 &label.into(),
-                &mut out_data,
+                &mut out_data_ptr,
             )
         };
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            let data = unsafe { PublicKeyRsa::try_from(*out_data)? };
+            let data = unsafe { PublicKeyRsa::try_from(*out_data_ptr)? };
             Ok(data)
         } else {
             error!("Error when performing RSA encryption: {}", ret);
@@ -54,7 +53,7 @@ impl Context {
         in_scheme: RsaDecryptionScheme,
         label: Data,
     ) -> Result<PublicKeyRsa> {
-        let mut message = null_mut();
+        let mut message_ptr = null_mut();
         let ret = unsafe {
             Esys_RSA_Decrypt(
                 self.mut_context(),
@@ -65,13 +64,13 @@ impl Context {
                 &cipher_text.into(),
                 &in_scheme.into(),
                 &label.into(),
-                &mut message,
+                &mut message_ptr,
             )
         };
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            let data = unsafe { PublicKeyRsa::try_from(*message)? };
+            let data = unsafe { PublicKeyRsa::try_from(*message_ptr)? };
             Ok(data)
         } else {
             error!("Error when performing RSA decryption: {}", ret);
@@ -186,24 +185,29 @@ impl Context {
     /// let (z_point, pub_point) = context.ecdh_key_gen(key_handle).unwrap();
     /// ```
     pub fn ecdh_key_gen(&mut self, key_handle: KeyHandle) -> Result<(EccPoint, EccPoint)> {
-        let mut z_point = null_mut();
-        let mut pub_point = null_mut();
+        let mut z_point_ptr = null_mut();
+        let mut pub_point_ptr = null_mut();
         let ret = unsafe {
             Esys_ECDH_KeyGen(
                 self.mut_context(),
                 key_handle.into(),
                 self.optional_session_1(),
                 self.optional_session_2(),
                 self.optional_session_3(),
-                &mut z_point,
-                &mut pub_point,
+                &mut z_point_ptr,
+                &mut pub_point_ptr,
             )
         };
 
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            Ok(unsafe { ((*z_point).point.try_into()?, (*pub_point).point.try_into()?) })
+            Ok(unsafe {
+                (
+                    (*z_point_ptr).point.try_into()?,
+                    (*pub_point_ptr).point.try_into()?,
+                )
+            })
         } else {
             error!("Error when generating ECDH keypair: {}", ret);
             Err(ret)
@@ -320,7 +324,7 @@ impl Context {
     /// assert_eq!(z_point.x().value(), z_point_gen.x().value());
     /// ```
     pub fn ecdh_z_gen(&mut self, key_handle: KeyHandle, in_point: EccPoint) -> Result<EccPoint> {
-        let mut point = null_mut();
+        let mut out_point_ptr = null_mut();
         let ret = unsafe {
             Esys_ECDH_ZGen(
                 self.mut_context(),
@@ -329,13 +333,13 @@ impl Context {
                 self.optional_session_2(),
                 self.optional_session_3(),
                 &in_point.into(),
-                &mut point,
+                &mut out_point_ptr,
             )
         };
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            Ok(unsafe { (*point).point.try_into()? })
+            Ok(unsafe { (*out_point_ptr).point.try_into()? })
         } else {
             error!("Error when performing ECDH ZGen: {}", ret);
             Err(ret)

tss-esapi/src/context/tpm_commands/attestation_commands.rs

@@ -3,7 +3,7 @@
 use crate::{
     handles::{KeyHandle, ObjectHandle},
     structures::{Attest, AttestBuffer, Data, PcrSelectionList, Signature, SignatureScheme},
-    tss2_esys::*,
+    tss2_esys::{Esys_Certify, Esys_Quote},
     Context, Error, Result,
 };
 use log::error;
@@ -123,8 +123,8 @@ impl Context {
         qualifying_data: Data,
         signing_scheme: SignatureScheme,
     ) -> Result<(Attest, Signature)> {
-        let mut certify_info = null_mut();
-        let mut signature = null_mut();
+        let mut certify_info_ptr = null_mut();
+        let mut signature_ptr = null_mut();
         let ret = unsafe {
             Esys_Certify(
                 self.mut_context(),
@@ -135,15 +135,15 @@ impl Context {
                 self.optional_session_3(),
                 &qualifying_data.into(),
                 &signing_scheme.into(),
-                &mut certify_info,
-                &mut signature,
+                &mut certify_info_ptr,
+                &mut signature_ptr,
             )
         };
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            let certify_info = unsafe { MBox::<TPM2B_ATTEST>::from_raw(certify_info) };
-            let signature = unsafe { MBox::from_raw(signature) };
+            let certify_info = unsafe { MBox::from_raw(certify_info_ptr) };
+            let signature = unsafe { MBox::from_raw(signature_ptr) };
             Ok((
                 Attest::try_from(AttestBuffer::try_from(*certify_info)?)?,
                 Signature::try_from(*signature)?,
@@ -167,8 +167,8 @@ impl Context {
         signing_scheme: SignatureScheme,
         pcr_selection_list: PcrSelectionList,
     ) -> Result<(Attest, Signature)> {
-        let mut quoted = null_mut();
-        let mut signature = null_mut();
+        let mut quoted_ptr = null_mut();
+        let mut signature_ptr = null_mut();
         let ret = unsafe {
             Esys_Quote(
                 self.mut_context(),
@@ -179,15 +179,15 @@ impl Context {
                 &qualifying_data.into(),
                 &signing_scheme.into(),
                 &pcr_selection_list.into(),
-                &mut quoted,
-                &mut signature,
+                &mut quoted_ptr,
+                &mut signature_ptr,
             )
         };
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            let quoted = unsafe { MBox::from_raw(quoted) };
-            let signature = unsafe { MBox::from_raw(signature) };
+            let quoted = unsafe { MBox::from_raw(quoted_ptr) };
+            let signature = unsafe { MBox::from_raw(signature_ptr) };
             Ok((
                 Attest::try_from(AttestBuffer::try_from(*quoted)?)?,
                 Signature::try_from(*signature)?,

tss-esapi/src/context/tpm_commands/capability_commands.rs

@@ -2,9 +2,10 @@
 // SPDX-License-Identifier: Apache-2.0
 use crate::{
     constants::CapabilityType,
+    interface_types::YesNo,
     structures::{CapabilityData, PublicParameters},
-    tss2_esys::*,
-    Context, Error, Result, WrapperErrorKind as ErrorKind,
+    tss2_esys::{Esys_GetCapability, Esys_TestParms},
+    Context, Error, Result,
 };
 use log::{error, warn};
 use mbox::MBox;
@@ -46,8 +47,8 @@ impl Context {
         property: u32,
         property_count: u32,
     ) -> Result<(CapabilityData, bool)> {
-        let mut outcapabilitydata = null_mut();
-        let mut outmoredata: u8 = 0;
+        let mut capability_data_ptr = null_mut();
+        let mut more_data = YesNo::No.into();
 
         let ret = unsafe {
             Esys_GetCapability(
@@ -58,23 +59,16 @@ impl Context {
                 capability.into(),
                 property,
                 property_count,
-                &mut outmoredata,
-                &mut outcapabilitydata,
+                &mut more_data,
+                &mut capability_data_ptr,
             )
         };
-        let moredata = if outmoredata == 0 {
-            false
-        } else if outmoredata == 1 {
-            true
-        } else {
-            return Err(Error::WrapperError(ErrorKind::WrongValueFromTpm));
-        };
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            let capabilitydata = unsafe { MBox::from_raw(outcapabilitydata) };
-            let capabilities = CapabilityData::try_from(*capabilitydata)?;
-            Ok((capabilities, moredata))
+            let capability_data = unsafe { MBox::from_raw(capability_data_ptr) };
+            let capabilities = CapabilityData::try_from(*capability_data)?;
+            Ok((capabilities, YesNo::try_from(more_data)?.into()))
         } else {
             error!("Error when getting capabilities: {}", ret);
             Err(ret)