diff options
Diffstat (limited to 'include/keys/trusted-type.h')
| -rw-r--r-- | include/keys/trusted-type.h | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/include/keys/trusted-type.h b/include/keys/trusted-type.h index a94c03a61d8f..d89fa2579ac0 100644 --- a/include/keys/trusted-type.h +++ b/include/keys/trusted-type.h @@ -11,6 +11,12 @@ #include <linux/rcupdate.h> #include <linux/tpm.h> +#ifdef pr_fmt +#undef pr_fmt +#endif + +#define pr_fmt(fmt) "trusted_key: " fmt + #define MIN_KEY_SIZE 32 #define MAX_KEY_SIZE 128 #define MAX_BLOB_SIZE 512 @@ -22,6 +28,7 @@ struct trusted_key_payload { unsigned int key_len; unsigned int blob_len; unsigned char migratable; + unsigned char old_format; unsigned char key[MAX_KEY_SIZE + 1]; unsigned char blob[MAX_BLOB_SIZE]; }; @@ -30,6 +37,7 @@ struct trusted_key_options { uint16_t keytype; uint32_t keyhandle; unsigned char keyauth[TPM_DIGEST_SIZE]; + uint32_t blobauth_len; unsigned char blobauth[TPM_DIGEST_SIZE]; uint32_t pcrinfo_len; unsigned char pcrinfo[MAX_PCRINFO_SIZE]; @@ -40,6 +48,53 @@ struct trusted_key_options { uint32_t policyhandle; }; +struct trusted_key_ops { + /* + * flag to indicate if trusted key implementation supports migration + * or not. + */ + unsigned char migratable; + + /* Initialize key interface. */ + int (*init)(void); + + /* Seal a key. */ + int (*seal)(struct trusted_key_payload *p, char *datablob); + + /* Unseal a key. */ + int (*unseal)(struct trusted_key_payload *p, char *datablob); + + /* Get a randomized key. */ + int (*get_random)(unsigned char *key, size_t key_len); + + /* Exit key interface. */ + void (*exit)(void); +}; + +struct trusted_key_source { + char *name; + struct trusted_key_ops *ops; +}; + extern struct key_type key_type_trusted; +#define TRUSTED_DEBUG 0 + +#if TRUSTED_DEBUG +static inline void dump_payload(struct trusted_key_payload *p) +{ + pr_info("key_len %d\n", p->key_len); + print_hex_dump(KERN_INFO, "key ", DUMP_PREFIX_NONE, + 16, 1, p->key, p->key_len, 0); + pr_info("bloblen %d\n", p->blob_len); + print_hex_dump(KERN_INFO, "blob ", DUMP_PREFIX_NONE, + 16, 1, p->blob, p->blob_len, 0); + pr_info("migratable %d\n", p->migratable); +} +#else +static inline void dump_payload(struct trusted_key_payload *p) +{ +} +#endif + #endif /* _KEYS_TRUSTED_TYPE_H */ |