Function Logic Report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code: security\keys\trusted-keys\trusted_tpm1.c Create Date: 2022-07-27 20:04:47
Last Modify: 2020-03-12 14:18:49 Copyright©Brick

Function name: Have the TPM seal(encrypt) the trusted key, possibly based on Platform Configuration Registers (PCRs). AUTH1 for sealing key.

Function prototype: static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, uint32_t keyhandle, const unsigned char *keyauth, const unsigned char *data, uint32_t datalen, unsigned char *blob, uint32_t *bloblen, const unsigned char *blobauth, const unsigned char *pcrinfo, uint32_t pcrinfosize)

Return type: int

Parameters:

Type                      Parameter name
struct tpm_buf *          tb
uint16_t                  keytype
uint32_t                  keyhandle
const unsigned char *     keyauth
const unsigned char *     data
uint32_t                  datalen
unsigned char *           blob
uint32_t *                bloblen
const unsigned char *     blobauth
const unsigned char *     pcrinfo
uint32_t                  pcrinfosize
481  td = allocate memory
482  if !td, return -ENOMEM
486  ret = Create an object specific authorisation protocol (OSAP) session
487  if ret < 0, goto out
489  dump_sess(&sess)
492  memcpy(xorwork, secret, SHA1_DIGEST_SIZE)
493  memcpy(xorwork + SHA1_DIGEST_SIZE, enonce, SHA1_DIGEST_SIZE)
494  ret = TSS_sha1(xorwork, SHA1_DIGEST_SIZE * 2, xorhash)
495  if ret < 0, goto out
498  ret = tpm_get_random(chip, nonceodd, TPM_NONCE_SIZE)
499  if ret != TPM_NONCE_SIZE, goto out
501  ordinal = htonl(TPM_ORD_SEAL)
502  datsize = htonl(datalen)
503  pcrsize = htonl(pcrinfosize)
504  cont = 0
507  loop while i < SHA1_DIGEST_SIZE: encauth[i] = xorhash[i] ^ blobauth[i]
511  if pcrinfosize == 0 then
513  ret = calculate authorization info fields to send to TPM
519  else
521  ret = calculate authorization info fields to send to TPM
528  if ret < 0, goto out
532  tpm_buf_reset(tb, TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_SEAL)
533  tpm_buf_append_u32(tb, keyhandle)
534  tpm_buf_append(tb, encauth, SHA1_DIGEST_SIZE)
535  tpm_buf_append_u32(tb, pcrinfosize)
536  tpm_buf_append(tb, pcrinfo, pcrinfosize)
537  tpm_buf_append_u32(tb, datalen)
538  tpm_buf_append(tb, data, datalen)
539  tpm_buf_append_u32(tb, handle)
540  tpm_buf_append(tb, nonceodd, TPM_NONCE_SIZE)
541  tpm_buf_append_u8(tb, cont)
542  tpm_buf_append(tb, pubauth, SHA1_DIGEST_SIZE)
544  ret = For key specific tpm requests, we will generate and send our own TPM command packets using the drivers send function.
545  if ret < 0, goto out
549  sealinfosize = LOAD32(data, TPM_DATA_OFFSET + sizeof(uint32_t))
550  encdatasize = LOAD32(data, TPM_DATA_OFFSET + sizeof(uint32_t) + sizeof(uint32_t) + sealinfosize)
552  storedsize = sizeof(uint32_t) + sizeof(uint32_t) + sealinfosize + sizeof(uint32_t) + encdatasize
556  ret = verify the AUTH1_COMMAND (Seal) result from TPM
561  if !ret
562  memcpy(blob, data + TPM_DATA_OFFSET, storedsize)
563  *bloblen = storedsize
565  out :
566  kzfree - like kfree but zero memory. @p: object to free memory of. The memory of the object @p points to is zeroed before freed. If @p is %NULL, kzfree() does nothing. Note: this function zeroes the whole allocated buffer which can be a good
567  return ret
Callers

Name          Description
key_seal      Have the TPM seal(encrypt) the symmetric key