Merge pull request #363 from mdcarr941/main

Superhepper · web-flow · commit d1833e1b84eb · 2022-08-31T09:31:46.000+02:00
Conditionally expose `Esys_TR_GetTpmHandle`
diff --git a/tss-esapi/build.rs b/tss-esapi/build.rs
@@ -37,4 +37,12 @@ fn main() {
     if has_tss_base_rc_values_52_to_53_req.matches(&tss_version) {
         println!("cargo:rustc-cfg=has_tss_base_rc_values_52_to_53")
     }
+
+    #[cfg(feature = "generate-bindings")]
+    {
+        let has_esys_tr_get_tpm_handle_req = VersionReq::parse(">=2.4.0").unwrap();
+        if has_esys_tr_get_tpm_handle_req.matches(&tss_version) {
+            println!("cargo:rustc-cfg=has_esys_tr_get_tpm_handle")
+        }
+    }
 }
diff --git a/tss-esapi/src/context/general_esys_tr.rs b/tss-esapi/src/context/general_esys_tr.rs
@@ -85,6 +85,22 @@ impl Context {
         Ok(())
     }
 
+    #[cfg(has_esys_tr_get_tpm_handle)]
+    /// Retrieve the `TpmHandle` stored in the given object.
+    pub fn tr_get_tpm_handle(&mut self, object_handle: ObjectHandle) -> Result<TpmHandle> {
+        use crate::{constants::tss::TPM2_RH_UNASSIGNED, tss2_esys::Esys_TR_GetTpmHandle};
+        let mut tpm_handle = TPM2_RH_UNASSIGNED;
+        ReturnCode::ensure_success(
+            unsafe {
+                Esys_TR_GetTpmHandle(self.mut_context(), object_handle.into(), &mut tpm_handle)
+            },
+            |ret| {
+                error!("Error when getting TPM handle from ESYS handle: {}", ret);
+            },
+        )?;
+        TpmHandle::try_from(tpm_handle)
+    }
+
     // Missing function: Esys_TR_Serialize
     // Missing function: Esys_TR_Deserialize
 }
diff --git a/tss-esapi/tests/integration_tests/context_tests/general_esys_tr_tests.rs b/tss-esapi/tests/integration_tests/context_tests/general_esys_tr_tests.rs
@@ -375,4 +375,73 @@ mod test_tr_from_tpm_public {
         assert_eq!(expected_name, actual_name);
         assert_eq!(expected_data, actual_data);
     }
+
+    #[cfg(has_esys_tr_get_tpm_handle)]
+    #[test]
+    fn test_tr_get_tpm_handle() {
+        use tss_esapi::handles::TpmHandle;
+
+        let nv_index_tpm_handle = NvIndexTpmHandle::new(0x01500024).unwrap();
+        remove_nv_index_handle_from_tpm(nv_index_tpm_handle, Provision::Owner);
+
+        let mut context = create_ctx_without_session();
+
+        // closure for cleaning up if a call fails.
+        let cleanup = |context: &mut Context,
+                       e: tss_esapi::Error,
+                       handle: NvIndexHandle,
+                       fn_name: &str|
+         -> tss_esapi::Error {
+            // Set password authorization
+            context.set_sessions((Some(AuthSession::Password), None, None));
+            context
+                .nv_undefine_space(Provision::Owner, handle)
+                .expect("Failed to call nv_undefine_space");
+            panic!("{} failed: {}", fn_name, e);
+        };
+
+        // Create nv public.
+        let nv_index_attributes = NvIndexAttributesBuilder::new()
+            .with_owner_write(true)
+            .with_owner_read(true)
+            .build()
+            .expect("Failed to create owner nv index attributes");
+
+        let nv_public = NvPublicBuilder::new()
+            .with_nv_index(nv_index_tpm_handle)
+            .with_index_name_algorithm(HashingAlgorithm::Sha256)
+            .with_index_attributes(nv_index_attributes)
+            .with_data_area_size(32)
+            .build()
+            .unwrap();
+        ///////////////////////////////////////////////////////////////
+        // Define space
+        //
+        // Set password authorization when creating the space.
+        context.set_sessions((Some(AuthSession::Password), None, None));
+        let nv_index_handle = context
+            .nv_define_space(Provision::Owner, None, nv_public)
+            .expect("Failed to call nv_define_space");
+        ///////////////////////////////////////////////////////////////
+        // Get the TPM handle from the NV index handle object handle.
+        //
+        // Set password authorization
+        let actual = context
+            .tr_get_tpm_handle(nv_index_handle.into())
+            .map_err(|e| cleanup(&mut context, e, nv_index_handle, "tr_get"))
+            .expect("Failed to get TPM handle");
+        ///////////////////////////////////////////////////////////////
+        // Remove undefine the space
+        //
+        // Set password authorization
+        context.set_sessions((Some(AuthSession::Password), None, None));
+        context
+            .nv_undefine_space(Provision::Owner, nv_index_handle)
+            .expect("Failed to call nv_undefine_space");
+        ///////////////////////////////////////////////////////////////
+        // Check that we got the correct handle
+        //
+        let expected = TpmHandle::NvIndex(nv_index_tpm_handle);
+        assert_eq!(expected, actual);
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -37,4 +37,12 @@ fn main() {`
`37`	`37`	`if has_tss_base_rc_values_52_to_53_req.matches(&tss_version) {`
`38`	`38`	`println!("cargo:rustc-cfg=has_tss_base_rc_values_52_to_53")`
`39`	`39`	`}`
	`40`	`+`
	`41`	`+ #[cfg(feature = "generate-bindings")]`
	`42`	`+ {`
	`43`	`+ let has_esys_tr_get_tpm_handle_req = VersionReq::parse(">=2.4.0").unwrap();`
	`44`	`+ if has_esys_tr_get_tpm_handle_req.matches(&tss_version) {`
	`45`	`+ println!("cargo:rustc-cfg=has_esys_tr_get_tpm_handle")`
	`46`	`+ }`
	`47`	`+ }`
`40`	`48`	`}`