parallaxsecond
diff --git a/‎tss-esapi/src/context.rs
Lines changed: 11 additions & 5 deletions b/‎tss-esapi/src/context.rs
Lines changed: 11 additions & 5 deletions
diff --git a/‎tss-esapi/src/context/general_esys_tr.rs
Lines changed: 15 additions & 20 deletions b/‎tss-esapi/src/context/general_esys_tr.rs
Lines changed: 15 additions & 20 deletions
diff --git a/‎tss-esapi/src/context/session_administration.rs
Lines changed: 2 additions & 2 deletions b/‎tss-esapi/src/context/session_administration.rs
Lines changed: 2 additions & 2 deletions
diff --git a/‎tss-esapi/src/context/tpm_commands/asymmetric_primitives.rs
Lines changed: 21 additions & 18 deletions b/‎tss-esapi/src/context/tpm_commands/asymmetric_primitives.rs
Lines changed: 21 additions & 18 deletions
diff --git a/‎tss-esapi/src/context/tpm_commands/attestation_commands.rs
Lines changed: 17 additions & 18 deletions b/‎tss-esapi/src/context/tpm_commands/attestation_commands.rs
Lines changed: 17 additions & 18 deletions
@@ -388,25 +388,25 @@ impl Context {
             .unwrap() // will only fail if called from Drop after .take()
     }
 
-    /// Internal function for retrieving the ESYS session handle for
+    /// Private method for retrieving the ESYS session handle for
     /// the optional session 1.
     fn optional_session_1(&self) -> ESYS_TR {
         SessionHandle::from(self.sessions.0).into()
     }
 
-    /// Internal function for retrieving the ESYS session handle for
+    /// Private method for retrieving the ESYS session handle for
     /// the optional session 2.
     fn optional_session_2(&self) -> ESYS_TR {
         SessionHandle::from(self.sessions.1).into()
     }
 
-    /// Internal function for retrieving the ESYS session handle for
+    /// Private method for retrieving the ESYS session handle for
     /// the optional session 3.
     fn optional_session_3(&self) -> ESYS_TR {
         SessionHandle::from(self.sessions.2).into()
     }
 
-    /// Function that returns the required
+    /// Private method that returns the required
     /// session handle 1 if it is available else
     /// returns an error.
     fn required_session_1(&self) -> Result<ESYS_TR> {
@@ -419,7 +419,7 @@ impl Context {
             })
     }
 
-    /// Function that returns the required
+    /// Private method that returns the required
     /// session handle 2 if it is available else
     /// returns an error.
     fn required_session_2(&self) -> Result<ESYS_TR> {
@@ -431,6 +431,12 @@ impl Context {
                 Error::local_error(ErrorKind::MissingAuthSession)
             })
     }
+
+    /// Private function for handling that has been allocated with
+    /// C memory allocation functions in TSS.
+    fn ffi_data_to_owned<T>(data_ptr: *mut T) -> T {
+        MBox::into_inner(unsafe { MBox::from_raw(data_ptr) })
+    }
 }
 
 impl Drop for Context {
 
@@ -6,24 +6,20 @@ use crate::{
     handles::{handle_conversion::TryIntoNotNone, TpmHandle},
     structures::Auth,
     structures::Name,
-    tss2_esys::{
-        Esys_TR_Close, Esys_TR_FromTPMPublic, Esys_TR_GetName, Esys_TR_SetAuth, ESYS_TR,
-        ESYS_TR_NONE, TPM2B_NAME,
-    },
+    tss2_esys::{Esys_TR_Close, Esys_TR_FromTPMPublic, Esys_TR_GetName, Esys_TR_SetAuth},
     Context, Error, Result,
 };
 use log::error;
-use mbox::MBox;
 use std::convert::TryFrom;
 use std::ptr::null_mut;
 use zeroize::Zeroize;
 
 impl Context {
     /// Set the authentication value for a given object handle in the ESYS context.
     pub fn tr_set_auth(&mut self, object_handle: ObjectHandle, auth: Auth) -> Result<()> {
-        let mut tss_auth = auth.into();
-        let ret = unsafe { Esys_TR_SetAuth(self.mut_context(), object_handle.into(), &tss_auth) };
-        tss_auth.buffer.zeroize();
+        let mut auth_value = auth.into();
+        let ret = unsafe { Esys_TR_SetAuth(self.mut_context(), object_handle.into(), &auth_value) };
+        auth_value.buffer.zeroize();
         let ret = Error::from_tss_rc(ret);
         if ret.is_success() {
             Ok(())
@@ -35,12 +31,12 @@ impl Context {
 
     /// Retrieve the name of an object from the object handle
     pub fn tr_get_name(&mut self, object_handle: ObjectHandle) -> Result<Name> {
-        let mut name = null_mut();
-        let ret = unsafe { Esys_TR_GetName(self.mut_context(), object_handle.into(), &mut name) };
+        let mut name_ptr = null_mut();
+        let ret =
+            unsafe { Esys_TR_GetName(self.mut_context(), object_handle.into(), &mut name_ptr) };
         let ret = Error::from_tss_rc(ret);
         if ret.is_success() {
-            let tss_name = unsafe { MBox::<TPM2B_NAME>::from_raw(name) };
-            Ok(Name::try_from(*tss_name)?)
+            Name::try_from(Context::ffi_data_to_owned(name_ptr))
         } else {
             error!("Error in getting name: {}", ret);
             Err(ret)
@@ -49,29 +45,28 @@ impl Context {
 
     /// Used to construct an esys object from the resources inside the TPM.
     pub fn tr_from_tpm_public(&mut self, tpm_handle: TpmHandle) -> Result<ObjectHandle> {
-        let mut esys_object_handle: ESYS_TR = ESYS_TR_NONE;
+        let mut object = ObjectHandle::None.into();
         let ret = unsafe {
             Esys_TR_FromTPMPublic(
                 self.mut_context(),
                 tpm_handle.into(),
                 self.optional_session_1(),
                 self.optional_session_2(),
                 self.optional_session_3(),
-                &mut esys_object_handle,
+                &mut object,
             )
         };
         let ret = Error::from_tss_rc(ret);
         if ret.is_success() {
-            let object_handle = ObjectHandle::from(esys_object_handle);
             self.handle_manager.add_handle(
-                object_handle,
+                object.into(),
                 if tpm_handle.may_be_flushed() {
                     HandleDropAction::Flush
                 } else {
                     HandleDropAction::Close
                 },
             )?;
-            Ok(object_handle)
+            Ok(object.into())
         } else {
             error!("Error when getting ESYS handle from TPM handle: {}", ret);
             Err(ret)
@@ -82,12 +77,12 @@ impl Context {
     ///
     /// This is useful for cleaning up handles for which the context cannot be flushed.
     pub fn tr_close(&mut self, object_handle: &mut ObjectHandle) -> Result<()> {
-        let mut tss_esys_object_handle = object_handle.try_into_not_none()?;
-        let ret = unsafe { Esys_TR_Close(self.mut_context(), &mut tss_esys_object_handle) };
+        let mut rsrc_handle = object_handle.try_into_not_none()?;
+        let ret = unsafe { Esys_TR_Close(self.mut_context(), &mut rsrc_handle) };
         let ret = Error::from_tss_rc(ret);
         if ret.is_success() {
             self.handle_manager.set_as_closed(*object_handle)?;
-            *object_handle = ObjectHandle::from(tss_esys_object_handle);
+            *object_handle = ObjectHandle::from(rsrc_handle);
             Ok(())
         } else {
             error!("Error when closing an ESYS handle: {}", ret);
 
@@ -4,7 +4,7 @@ use crate::{
     attributes::{SessionAttributes, SessionAttributesMask},
     handles::SessionHandle,
     interface_types::session_handles::AuthSession,
-    tss2_esys::{Esys_TRSess_GetAttributes, Esys_TRSess_SetAttributes, TPMA_SESSION},
+    tss2_esys::{Esys_TRSess_GetAttributes, Esys_TRSess_SetAttributes},
     Context, Error, Result,
 };
 use log::error;
@@ -36,7 +36,7 @@ impl Context {
 
     /// Get session attribute flags.
     pub fn tr_sess_get_attributes(&mut self, session: AuthSession) -> Result<SessionAttributes> {
-        let mut flags: TPMA_SESSION = 0;
+        let mut flags = 0;
         let ret = unsafe {
             Esys_TRSess_GetAttributes(
                 self.mut_context(),
 
@@ -4,12 +4,11 @@ use crate::{
     handles::KeyHandle,
     structures::Data,
     structures::{EccPoint, PublicKeyRsa, RsaDecryptionScheme},
-    tss2_esys::*,
+    tss2_esys::{Esys_ECDH_KeyGen, Esys_ECDH_ZGen, Esys_RSA_Decrypt, Esys_RSA_Encrypt},
     Context, Error, Result,
 };
 use log::error;
 use std::convert::TryFrom;
-use std::convert::TryInto;
 use std::ptr::null_mut;
 
 impl Context {
@@ -21,7 +20,7 @@ impl Context {
         in_scheme: RsaDecryptionScheme,
         label: Data,
     ) -> Result<PublicKeyRsa> {
-        let mut out_data = null_mut();
+        let mut out_data_ptr = null_mut();
         let ret = unsafe {
             Esys_RSA_Encrypt(
                 self.mut_context(),
@@ -32,14 +31,13 @@ impl Context {
                 &message.into(),
                 &in_scheme.into(),
                 &label.into(),
-                &mut out_data,
+                &mut out_data_ptr,
             )
         };
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            let data = unsafe { PublicKeyRsa::try_from(*out_data)? };
-            Ok(data)
+            PublicKeyRsa::try_from(Context::ffi_data_to_owned(out_data_ptr))
         } else {
             error!("Error when performing RSA encryption: {}", ret);
             Err(ret)
@@ -54,7 +52,7 @@ impl Context {
         in_scheme: RsaDecryptionScheme,
         label: Data,
     ) -> Result<PublicKeyRsa> {
-        let mut message = null_mut();
+        let mut message_ptr = null_mut();
         let ret = unsafe {
             Esys_RSA_Decrypt(
                 self.mut_context(),
@@ -65,14 +63,13 @@ impl Context {
                 &cipher_text.into(),
                 &in_scheme.into(),
                 &label.into(),
-                &mut message,
+                &mut message_ptr,
             )
         };
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            let data = unsafe { PublicKeyRsa::try_from(*message)? };
-            Ok(data)
+            PublicKeyRsa::try_from(Context::ffi_data_to_owned(message_ptr))
         } else {
             error!("Error when performing RSA decryption: {}", ret);
             Err(ret)
@@ -186,24 +183,29 @@ impl Context {
     /// let (z_point, pub_point) = context.ecdh_key_gen(key_handle).unwrap();
     /// ```
     pub fn ecdh_key_gen(&mut self, key_handle: KeyHandle) -> Result<(EccPoint, EccPoint)> {
-        let mut z_point = null_mut();
-        let mut pub_point = null_mut();
+        let mut z_point_ptr = null_mut();
+        let mut pub_point_ptr = null_mut();
         let ret = unsafe {
             Esys_ECDH_KeyGen(
                 self.mut_context(),
                 key_handle.into(),
                 self.optional_session_1(),
                 self.optional_session_2(),
                 self.optional_session_3(),
-                &mut z_point,
-                &mut pub_point,
+                &mut z_point_ptr,
+                &mut pub_point_ptr,
             )
         };
 
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            Ok(unsafe { ((*z_point).point.try_into()?, (*pub_point).point.try_into()?) })
+            let z_point = Context::ffi_data_to_owned(z_point_ptr);
+            let pub_point = Context::ffi_data_to_owned(pub_point_ptr);
+            Ok((
+                EccPoint::try_from(z_point.point)?,
+                EccPoint::try_from(pub_point.point)?,
+            ))
         } else {
             error!("Error when generating ECDH keypair: {}", ret);
             Err(ret)
@@ -320,7 +322,7 @@ impl Context {
     /// assert_eq!(z_point.x().value(), z_point_gen.x().value());
     /// ```
     pub fn ecdh_z_gen(&mut self, key_handle: KeyHandle, in_point: EccPoint) -> Result<EccPoint> {
-        let mut point = null_mut();
+        let mut out_point_ptr = null_mut();
         let ret = unsafe {
             Esys_ECDH_ZGen(
                 self.mut_context(),
@@ -329,13 +331,14 @@ impl Context {
                 self.optional_session_2(),
                 self.optional_session_3(),
                 &in_point.into(),
-                &mut point,
+                &mut out_point_ptr,
             )
         };
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            Ok(unsafe { (*point).point.try_into()? })
+            let out_point = Context::ffi_data_to_owned(out_point_ptr);
+            EccPoint::try_from(out_point.point)
         } else {
             error!("Error when performing ECDH ZGen: {}", ret);
             Err(ret)
 
@@ -3,11 +3,10 @@
 use crate::{
     handles::{KeyHandle, ObjectHandle},
     structures::{Attest, AttestBuffer, Data, PcrSelectionList, Signature, SignatureScheme},
-    tss2_esys::*,
+    tss2_esys::{Esys_Certify, Esys_Quote},
     Context, Error, Result,
 };
 use log::error;
-use mbox::MBox;
 use std::convert::TryFrom;
 use std::ptr::null_mut;
 
@@ -123,8 +122,8 @@ impl Context {
         qualifying_data: Data,
         signing_scheme: SignatureScheme,
     ) -> Result<(Attest, Signature)> {
-        let mut certify_info = null_mut();
-        let mut signature = null_mut();
+        let mut certify_info_ptr = null_mut();
+        let mut signature_ptr = null_mut();
         let ret = unsafe {
             Esys_Certify(
                 self.mut_context(),
@@ -135,18 +134,18 @@ impl Context {
                 self.optional_session_3(),
                 &qualifying_data.into(),
                 &signing_scheme.into(),
-                &mut certify_info,
-                &mut signature,
+                &mut certify_info_ptr,
+                &mut signature_ptr,
             )
         };
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            let certify_info = unsafe { MBox::<TPM2B_ATTEST>::from_raw(certify_info) };
-            let signature = unsafe { MBox::from_raw(signature) };
+            let certify_info = Context::ffi_data_to_owned(certify_info_ptr);
+            let signature = Context::ffi_data_to_owned(signature_ptr);
             Ok((
-                Attest::try_from(AttestBuffer::try_from(*certify_info)?)?,
-                Signature::try_from(*signature)?,
+                Attest::try_from(AttestBuffer::try_from(certify_info)?)?,
+                Signature::try_from(signature)?,
             ))
         } else {
             error!("Error in certifying: {}", ret);
@@ -167,8 +166,8 @@ impl Context {
         signing_scheme: SignatureScheme,
         pcr_selection_list: PcrSelectionList,
     ) -> Result<(Attest, Signature)> {
-        let mut quoted = null_mut();
-        let mut signature = null_mut();
+        let mut quoted_ptr = null_mut();
+        let mut signature_ptr = null_mut();
         let ret = unsafe {
             Esys_Quote(
                 self.mut_context(),
@@ -179,18 +178,18 @@ impl Context {
                 &qualifying_data.into(),
                 &signing_scheme.into(),
                 &pcr_selection_list.into(),
-                &mut quoted,
-                &mut signature,
+                &mut quoted_ptr,
+                &mut signature_ptr,
             )
         };
         let ret = Error::from_tss_rc(ret);
 
         if ret.is_success() {
-            let quoted = unsafe { MBox::from_raw(quoted) };
-            let signature = unsafe { MBox::from_raw(signature) };
+            let quoted = Context::ffi_data_to_owned(quoted_ptr);
+            let signature = Context::ffi_data_to_owned(signature_ptr);
             Ok((
-                Attest::try_from(AttestBuffer::try_from(*quoted)?)?,
-                Signature::try_from(*signature)?,
+                Attest::try_from(AttestBuffer::try_from(quoted)?)?,
+                Signature::try_from(signature)?,
             ))
         } else {
             error!("Error in quoting PCR: {}", ret);