summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/boot/measure.c2
-rw-r--r--src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-tpm2.c8
-rw-r--r--src/shared/creds-util.c4
-rw-r--r--src/shared/tpm2-util.c44
-rw-r--r--src/shared/tpm2-util.h8
5 files changed, 33 insertions, 33 deletions
diff --git a/src/boot/measure.c b/src/boot/measure.c
index 0fe2e86448..b0bcfe0f98 100644
--- a/src/boot/measure.c
+++ b/src/boot/measure.c
@@ -855,7 +855,7 @@ static int verb_sign(int argc, char *argv[], void *userdata) {
assert(sizeof(intermediate_digest.buffer) >= SHA256_DIGEST_SIZE);
sha256_direct(p->value, p->value_size, intermediate_digest.buffer);
- int tpmalg = tpm2_pcr_bank_from_string(EVP_MD_name(p->md));
+ int tpmalg = tpm2_hash_alg_from_string(EVP_MD_name(p->md));
if (tpmalg < 0) {
log_error_errno(tpmalg, "Unsupported PCR bank");
goto finish;
diff --git a/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-tpm2.c b/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-tpm2.c
index dd379169ff..319b0ca64d 100644
--- a/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-tpm2.c
+++ b/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-tpm2.c
@@ -226,10 +226,10 @@ _public_ void cryptsetup_token_dump(
return (void) crypt_log_debug_errno(cd, r, "Can not dump " TOKEN_NAME " content: %m");
crypt_log(cd, "\ttpm2-hash-pcrs: %s\n", strna(hash_pcrs_str));
- crypt_log(cd, "\ttpm2-pcr-bank: %s\n", strna(tpm2_pcr_bank_to_string(pcr_bank)));
+ crypt_log(cd, "\ttpm2-pcr-bank: %s\n", strna(tpm2_hash_alg_to_string(pcr_bank)));
crypt_log(cd, "\ttpm2-pubkey:" CRYPT_DUMP_LINE_SEP "%s\n", pubkey_str);
crypt_log(cd, "\ttpm2-pubkey-pcrs: %s\n", strna(pubkey_pcrs_str));
- crypt_log(cd, "\ttpm2-primary-alg: %s\n", strna(tpm2_primary_alg_to_string(primary_alg)));
+ crypt_log(cd, "\ttpm2-primary-alg: %s\n", strna(tpm2_asym_alg_to_string(primary_alg)));
crypt_log(cd, "\ttpm2-blob: %s\n", blob_str);
crypt_log(cd, "\ttpm2-policy-hash:" CRYPT_DUMP_LINE_SEP "%s\n", policy_hash_str);
crypt_log(cd, "\ttpm2-pin: %s\n", true_false(flags & TPM2_FLAGS_USE_PIN));
@@ -288,7 +288,7 @@ _public_ int cryptsetup_token_validate(
return 1;
}
- if (tpm2_pcr_bank_from_string(json_variant_string(w)) < 0) {
+ if (tpm2_hash_alg_from_string(json_variant_string(w)) < 0) {
crypt_log_debug(cd, "TPM2 PCR bank invalid or not supported: %s.", json_variant_string(w));
return 1;
}
@@ -305,7 +305,7 @@ _public_ int cryptsetup_token_validate(
return 1;
}
- if (tpm2_primary_alg_from_string(json_variant_string(w)) < 0) {
+ if (tpm2_asym_alg_from_string(json_variant_string(w)) < 0) {
crypt_log_debug(cd, "TPM2 primary key algorithm invalid or not supported: %s", json_variant_string(w));
return 1;
}
diff --git a/src/shared/creds-util.c b/src/shared/creds-util.c
index 074440e99b..750ee2571e 100644
--- a/src/shared/creds-util.c
+++ b/src/shared/creds-util.c
@@ -990,9 +990,9 @@ int decrypt_credential_and_warn(
if (!TPM2_PCR_MASK_VALID(t->pcr_mask))
return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "TPM2 PCR mask out of range.");
- if (!tpm2_pcr_bank_to_string(le16toh(t->pcr_bank)))
+ if (!tpm2_hash_alg_to_string(le16toh(t->pcr_bank)))
return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "TPM2 PCR bank invalid or not supported");
- if (!tpm2_primary_alg_to_string(le16toh(t->primary_alg)))
+ if (!tpm2_asym_alg_to_string(le16toh(t->primary_alg)))
return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "TPM2 primary key algorithm invalid or not supported.");
if (le32toh(t->blob_size) > CREDENTIAL_FIELD_SIZE_MAX)
return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Unexpected TPM2 blob size.");
diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
index 974b14439c..363e8df5cc 100644
--- a/src/shared/tpm2-util.c
+++ b/src/shared/tpm2-util.c
@@ -529,7 +529,7 @@ static int tpm2_bank_has24(const TPMS_PCR_SELECTION *selection) {
* TPM2 on a Client PC must have at least 24 PCRs. If this TPM has less, just skip over it. */
if (selection->sizeofSelect < TPM2_PCRS_MAX/8) {
log_debug("Skipping TPM2 PCR bank %s with fewer than 24 PCRs.",
- strna(tpm2_pcr_bank_to_string(selection->hash)));
+ strna(tpm2_hash_alg_to_string(selection->hash)));
return false;
}
@@ -546,7 +546,7 @@ static int tpm2_bank_has24(const TPMS_PCR_SELECTION *selection) {
if (!valid)
log_debug("TPM2 PCR bank %s has fewer than 24 PCR bits enabled, ignoring.",
- strna(tpm2_pcr_bank_to_string(selection->hash)));
+ strna(tpm2_hash_alg_to_string(selection->hash)));
return valid;
}
@@ -748,7 +748,7 @@ int tpm2_get_good_pcr_banks_strv(
const EVP_MD *implementation;
const char *salg;
- salg = tpm2_pcr_bank_to_string(algs[i]);
+ salg = tpm2_hash_alg_to_string(algs[i]);
if (!salg)
return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE), "TPM2 operates with unknown PCR algorithm, can't measure.");
@@ -972,7 +972,7 @@ static int find_signature(
if (!json_variant_is_object(v))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Signature is not a JSON object.");
- k = tpm2_pcr_bank_to_string(pcr_bank);
+ k = tpm2_hash_alg_to_string(pcr_bank);
if (!k)
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Don't know PCR bank %" PRIu16, pcr_bank);
@@ -1957,7 +1957,7 @@ int tpm2_extend_bytes(
if ((size_t) EVP_MD_size(implementation) > sizeof(values.digests[values.count].digest))
return log_error_errno(SYNTHETIC_ERRNO(E2BIG), "Hash result too large for TPM2.");
- id = tpm2_pcr_bank_from_string(EVP_MD_name(implementation));
+ id = tpm2_hash_alg_from_string(EVP_MD_name(implementation));
if (id < 0)
return log_error_errno(id, "Can't map hash name to TPM2.");
@@ -2143,8 +2143,8 @@ int tpm2_make_luks2_json(
JSON_BUILD_PAIR("keyslots", JSON_BUILD_ARRAY(JSON_BUILD_STRING(keyslot_as_string))),
JSON_BUILD_PAIR("tpm2-blob", JSON_BUILD_BASE64(blob, blob_size)),
JSON_BUILD_PAIR("tpm2-pcrs", JSON_BUILD_VARIANT(hmj)),
- JSON_BUILD_PAIR_CONDITION(!!tpm2_pcr_bank_to_string(pcr_bank), "tpm2-pcr-bank", JSON_BUILD_STRING(tpm2_pcr_bank_to_string(pcr_bank))),
- JSON_BUILD_PAIR_CONDITION(!!tpm2_primary_alg_to_string(primary_alg), "tpm2-primary-alg", JSON_BUILD_STRING(tpm2_primary_alg_to_string(primary_alg))),
+ JSON_BUILD_PAIR_CONDITION(!!tpm2_hash_alg_to_string(pcr_bank), "tpm2-pcr-bank", JSON_BUILD_STRING(tpm2_hash_alg_to_string(pcr_bank))),
+ JSON_BUILD_PAIR_CONDITION(!!tpm2_asym_alg_to_string(primary_alg), "tpm2-primary-alg", JSON_BUILD_STRING(tpm2_asym_alg_to_string(primary_alg))),
JSON_BUILD_PAIR("tpm2-policy-hash", JSON_BUILD_HEX(policy_hash, policy_hash_size)),
JSON_BUILD_PAIR("tpm2-pin", JSON_BUILD_BOOLEAN(flags & TPM2_FLAGS_USE_PIN)),
JSON_BUILD_PAIR_CONDITION(pubkey_pcr_mask != 0, "tpm2_pubkey_pcrs", JSON_BUILD_VARIANT(pkmj)),
@@ -2215,7 +2215,7 @@ int tpm2_parse_luks2_json(
if (!json_variant_is_string(w))
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "TPM2 PCR bank is not a string.");
- r = tpm2_pcr_bank_from_string(json_variant_string(w));
+ r = tpm2_hash_alg_from_string(json_variant_string(w));
if (r < 0)
return log_debug_errno(r, "TPM2 PCR bank invalid or not supported: %s", json_variant_string(w));
@@ -2231,9 +2231,9 @@ int tpm2_parse_luks2_json(
if (!json_variant_is_string(w))
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "TPM2 primary key algorithm is not a string.");
- r = tpm2_primary_alg_from_string(json_variant_string(w));
+ r = tpm2_asym_alg_from_string(json_variant_string(w));
if (r < 0)
- return log_debug_errno(r, "TPM2 primary key algorithm invalid or not supported: %s", json_variant_string(w));
+ return log_debug_errno(r, "TPM2 asymmetric algorithm invalid or not supported: %s", json_variant_string(w));
primary_alg = r;
}
@@ -2316,31 +2316,31 @@ int tpm2_parse_luks2_json(
return 0;
}
-const char *tpm2_pcr_bank_to_string(uint16_t bank) {
- if (bank == TPM2_ALG_SHA1)
+const char *tpm2_hash_alg_to_string(uint16_t alg) {
+ if (alg == TPM2_ALG_SHA1)
return "sha1";
- if (bank == TPM2_ALG_SHA256)
+ if (alg == TPM2_ALG_SHA256)
return "sha256";
- if (bank == TPM2_ALG_SHA384)
+ if (alg == TPM2_ALG_SHA384)
return "sha384";
- if (bank == TPM2_ALG_SHA512)
+ if (alg == TPM2_ALG_SHA512)
return "sha512";
return NULL;
}
-int tpm2_pcr_bank_from_string(const char *bank) {
- if (strcaseeq_ptr(bank, "sha1"))
+int tpm2_hash_alg_from_string(const char *alg) {
+ if (strcaseeq_ptr(alg, "sha1"))
return TPM2_ALG_SHA1;
- if (strcaseeq_ptr(bank, "sha256"))
+ if (strcaseeq_ptr(alg, "sha256"))
return TPM2_ALG_SHA256;
- if (strcaseeq_ptr(bank, "sha384"))
+ if (strcaseeq_ptr(alg, "sha384"))
return TPM2_ALG_SHA384;
- if (strcaseeq_ptr(bank, "sha512"))
+ if (strcaseeq_ptr(alg, "sha512"))
return TPM2_ALG_SHA512;
return -EINVAL;
}
-const char *tpm2_primary_alg_to_string(uint16_t alg) {
+const char *tpm2_asym_alg_to_string(uint16_t alg) {
if (alg == TPM2_ALG_ECC)
return "ecc";
if (alg == TPM2_ALG_RSA)
@@ -2348,7 +2348,7 @@ const char *tpm2_primary_alg_to_string(uint16_t alg) {
return NULL;
}
-int tpm2_primary_alg_from_string(const char *alg) {
+int tpm2_asym_alg_from_string(const char *alg) {
if (strcaseeq_ptr(alg, "ecc"))
return TPM2_ALG_ECC;
if (strcaseeq_ptr(alg, "rsa"))
diff --git a/src/shared/tpm2-util.h b/src/shared/tpm2-util.h
index 04efd78638..99b258c290 100644
--- a/src/shared/tpm2-util.h
+++ b/src/shared/tpm2-util.h
@@ -126,11 +126,11 @@ static inline bool TPM2_PCR_MASK_VALID(uint64_t pcr_mask) {
#define TPM2_ALG_RSA 0x1
#endif
-const char *tpm2_pcr_bank_to_string(uint16_t bank);
-int tpm2_pcr_bank_from_string(const char *bank);
+const char *tpm2_hash_alg_to_string(uint16_t alg);
+int tpm2_hash_alg_from_string(const char *alg);
-const char *tpm2_primary_alg_to_string(uint16_t alg);
-int tpm2_primary_alg_from_string(const char *alg);
+const char *tpm2_asym_alg_to_string(uint16_t alg);
+int tpm2_asym_alg_from_string(const char *alg);
typedef struct {
uint32_t search_pcr_mask;
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-04 15:26:38 +0100