trusted_tpm1.c - OpenGrok cross reference for /kernel/linux/linux-5.10/security/keys/trusted-keys/trusted

Lines Matching defs:key
21 #include <linux/key-type.h>
75 static int TSS_rawhmac(unsigned char *digest, const unsigned char *key,
90 	ret = crypto_shash_setkey(hmacalg, key, keylen);
122 int TSS_authhmac(unsigned char *digest, const unsigned char *key,
165 		ret = TSS_rawhmac(digest, key, keylen, SHA1_DIGEST_SIZE,
180 			  const unsigned char *key,
245 	ret = TSS_rawhmac(testhmac, key, keylen, SHA1_DIGEST_SIZE, paramdigest,
361  * For key specific tpm requests, we will generate and send our
382  * Lock a trusted key, by extending a selected PCR.
384  * Prevents a trusted key that is sealed to PCRs from being accessed.
399 		const unsigned char *key, uint16_t type, uint32_t handle)
426 	return TSS_rawhmac(s->secret, key, SHA1_DIGEST_SIZE, TPM_NONCE_SIZE,
461  * Have the TPM seal(encrypt) the trusted key, possibly based on
462  * Platform Configuration Registers (PCRs). AUTH1 for sealing key.
488 	/* get session for sealing key */
515 	/* encrypt data authorization key */
580  * use the AUTH2_COMMAND form of unseal, to authorize both key and blob
599 	/* sessions for unsealing key and data */
666  * Have the TPM seal(encrypt) the symmetric key
678 	/* include migratable flag at end of sealed key */
679 	p->key[p->key_len] = p->migratable;
682 		       p->key, p->key_len + 1, p->blob, &p->blob_len,
692  * Have the TPM unseal(decrypt) the symmetric key
705 			 o->blobauth, p->key, &p->key_len);
709 		/* pull migratable flag out of sealed key */
710 		p->migratable = p->key[--p->key_len];
898 		/* first argument is key size */
961 static struct trusted_key_payload *trusted_payload_alloc(struct key *key)
966 	ret = key_payload_reserve(key, sizeof *p);
976  * trusted_instantiate - create a new trusted key
978  * Unseal an existing trusted blob or, for a new key, get a
979  * random key, then seal and create a trusted key-type key,
984 static int trusted_instantiate(struct key *key,
1014 	payload = trusted_payload_alloc(key);
1047 		ret = tpm_get_random(chip, payload->key, key_len);
1073 		rcu_assign_keypointer(key, payload);
1088  * trusted_update - reseal an existing key with new PCR values
1090 static int trusted_update(struct key *key, struct key_preparsed_payload *prep)
1099 	if (key_is_negative(key))
1101 	p = key->payload.data[0];
1115 	new_p = trusted_payload_alloc(key);
1136 	/* copy old key values, and reseal with new pcrs */
1139 	memcpy(new_p->key, p->key, p->key_len);
1157 	rcu_assign_keypointer(key, new_p);
1167  * On success, return to userspace the trusted key datablob size.
1169 static long trusted_read(const struct key *key, char *buffer,
1176 	p = dereference_key_locked(key);
1189  * trusted_destroy - clear and free the key's payload
1191 static void trusted_destroy(struct key *key)
1193 	kfree_sensitive(key->payload.data[0]);