• James Bottomley's avatar
    tpm: Add HMAC session start and end functions · 699e3efd
    James Bottomley authored
    Add session  based HMAC  authentication plus parameter  decryption and
    response encryption  using AES. The  basic design is to  segregate all
    the nasty crypto, hash and hmac code into tpm2-sessions.c and export a
    usable API.  The API first of all starts off by gaining a session with
    tpm2_start_auth_session() which  initiates a session with  the TPM and
    allocates  an  opaque  tpm2_auth   structure  to  handle  the  session
    parameters.  The  design is that  session use will be  single threaded
    from start to finish under the ops lock, so the tpm2_auth structure is
    stored in struct tpm2_chip to simpify the externally visible API.
    
    The session can be ended with tpm2_end_auth_session() which is
    designed only to be used in error legs.  Ordinarily the further
    session API (future patches) will end or continue the session
    appropriately without having to call this.
    Signed-off-by: default avatarJames Bottomley <James.Bottomley@HansenPartnership.com>
    Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> # crypto API parts
    Reviewed-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
    Tested-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
    Signed-off-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
    699e3efd
tpm-chip.c 14.7 KB