Skip to content

tcti: Adds support for libtpms backend #535

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Sep 16, 2024
+41 −3
Merged

tcti: Adds support for libtpms backend #535

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 12 additions & 3 deletions tss-esapi/src/context.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
mod handle_manager;
use crate::{
attributes::SessionAttributesBuilder,
constants::{CapabilityType, PropertyTag, SessionType},
constants::{CapabilityType, PropertyTag, SessionType, StartupType},
handles::{ObjectHandle, SessionHandle},
interface_types::{algorithm::HashingAlgorithm, session_handles::AuthSession},
structures::{CapabilityData, SymmetricDefinition},
Expand Down Expand Up @@ -91,6 +91,9 @@ impl Context {
pub fn new(tcti_name_conf: TctiNameConf) -> Result<Self> {
let mut esys_context = null_mut();

// Some TCTI backend will not automatically send a clear and we need to send a clear
// manually before being to operate.
let needs_clear_startup = matches!(tcti_name_conf, TctiNameConf::LibTpms { .. });
let mut _tcti_context = TctiContext::initialize(tcti_name_conf)?;

ReturnCode::ensure_success(
Expand All @@ -107,13 +110,19 @@ impl Context {
)?;

let esys_context = unsafe { Some(Malloced::from_raw(esys_context)) };
Ok(Context {
let mut context = Context {
esys_context,
sessions: (None, None, None),
_tcti_context,
handle_manager: HandleManager::new(),
cached_tpm_properties: HashMap::new(),
})
};

if needs_clear_startup {
context.startup(StartupType::Clear)?;
}

Ok(context)
}

/// Create a new ESYS context based on the TAB Resource Manager Daemon.
Expand Down
29 changes: 29 additions & 0 deletions tss-esapi/src/tcti_ldr.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ const DEVICE: &str = "device";
const MSSIM: &str = "mssim";
const SWTPM: &str = "swtpm";
const TABRMD: &str = "tabrmd";
const LIBTPMS: &str = "libtpms";

/// TCTI Context created via a TCTI Loader Library.
/// Wrapper around the TSS2_TCTI_CONTEXT structure.
Expand Down Expand Up @@ -139,6 +140,10 @@ pub enum TctiNameConf {
///
/// For more information about configuration, see [this page](https://www.mankier.com/3/Tss2_Tcti_Mssim_Init)
Swtpm(TpmSimulatorConfig),
/// Connect to a TPM (simulator) available as a library
///
/// This allows for an optional state file
LibTpms { state: Option<PathBuf> },
/// Connect to a TPM through an Access Broker/Resource Manager daemon
///
/// For more information about configuration, see [this page](https://www.mankier.com/3/Tss2_Tcti_Tabrmd_Init)
Expand Down Expand Up @@ -174,6 +179,7 @@ impl TryFrom<TctiNameConf> for CString {
TctiNameConf::Mssim(..) => MSSIM,
TctiNameConf::Swtpm(..) => SWTPM,
TctiNameConf::Tabrmd(..) => TABRMD,
TctiNameConf::LibTpms { .. } => LIBTPMS,
};

let tcti_conf = match tcti {
Expand Down Expand Up @@ -204,6 +210,9 @@ impl TryFrom<TctiNameConf> for CString {
TctiNameConf::Tabrmd(config) => {
format!("bus_name={},bus_type={}", config.bus_name, config.bus_type)
}
TctiNameConf::LibTpms { state } => {
state.map(|s| s.display().to_string()).unwrap_or_default()
}
};

if tcti_conf.is_empty() {
Expand Down Expand Up @@ -247,6 +256,15 @@ impl FromStr for TctiNameConf {
)?));
}

let libtpms_pattern = Regex::new(r"^libtpms(:(.*))?$").unwrap(); //should not fail
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Too bad we've got parsing all these regexes here, instead of some static variable... but the same happens with others so it's 👍

if let Some(captures) = libtpms_pattern.captures(config_str) {
return Ok(TctiNameConf::LibTpms {
state: captures
.get(2)
.and_then(|s| PathBuf::from_str(s.as_str()).ok()),
});
}

Err(Error::WrapperError(WrapperErrorKind::InvalidParam))
}
}
Expand Down Expand Up @@ -327,6 +345,17 @@ fn validate_from_str_tcti() {

let tcti = TctiNameConf::from_str("tabrmd").unwrap();
assert_eq!(tcti, TctiNameConf::Tabrmd(Default::default()));

let tcti = TctiNameConf::from_str("libtpms:/try/this/path").unwrap();
assert_eq!(
tcti,
TctiNameConf::LibTpms {
state: Some(PathBuf::from("/try/this/path"))
}
);

let tcti = TctiNameConf::from_str("libtpms").unwrap();
assert_eq!(tcti, TctiNameConf::LibTpms { state: None });
}

/// Configuration for a Device TCTI context
Expand Down