10#include <botan/internal/ffi_pkey.h>
11#include <botan/internal/ffi_rng.h>
12#include <botan/internal/ffi_util.h>
14#if defined(BOTAN_HAS_TPM2)
15 #include <botan/tpm2_context.h>
16 #include <botan/tpm2_key.h>
17 #include <botan/tpm2_rng.h>
18 #include <botan/tpm2_session.h>
20 #if defined(BOTAN_HAS_TPM2_CRYPTO_BACKEND)
21 #include <botan/tpm2_crypto_backend.h>
29#if defined(BOTAN_HAS_TPM2)
// FFI-side holder for a TPM2 context. The C handle struct (botan_tpm2_ctx_struct)
// is constructed from a unique_ptr to this wrapper further down in this file.
// The closing brace of each struct is not shown in this listing.
35struct botan_tpm2_ctx_wrapper {
// Shared rather than unique: the same pointer is handed to objects built from
// the context (e.g. the TPM2 RNG), which presumably co-own the Context.
36 std::shared_ptr<Botan::TPM2::Context> ctx;
// FFI-side holder for a TPM2 session, arranged the same way as the context wrapper.
39struct botan_tpm2_session_wrapper {
40 std::shared_ptr<Botan::TPM2::Session> session;
46 #if defined(BOTAN_HAS_TPM2_CRYPTO_BACKEND)
// Session slots are optional: a null handle is forwarded as a null session
// pointer and never reaches safe_get(). Only slots s2 and s3 are visible in this
// listing; s1 is presumably handled the same way on a line not shown.
56 (s2 !=
nullptr) ?
safe_get(s2).session :
nullptr,
57 (s3 !=
nullptr) ?
safe_get(s3).session :
nullptr);
67#if defined(BOTAN_HAS_TPM2)
// Fragment of botan_tpm2_ctx_init(ctx_out, tcti_nameconf); several lines of the
// function body are missing from this listing.
75#if defined(BOTAN_HAS_TPM2)
// The out-parameter is checked before anything is allocated. The return
// statement is not shown; presumably BOTAN_FFI_ERROR_NULL_POINTER.
77 if(ctx_out ==
nullptr) {
80 auto ctx = std::make_unique<botan_tpm2_ctx_wrapper>();
// tcti_nameconf may be null; the null branch's result is not shown (presumably
// an empty optional). A non-null value must be a NUL-terminated C string,
// because std::string(const char*) reads up to the terminator.
82 auto tcti = [=]() -> std::optional<std::string> {
83 if(tcti_nameconf ==
nullptr) {
86 return std::string(tcti_nameconf);
// Ownership of the handle passes to the caller through *ctx_out. The caller is
// expected to release it with botan_tpm2_ctx_destroy().
91 *ctx_out =
new botan_tpm2_ctx_struct(std::move(ctx));
// Fragment of botan_tpm2_ctx_init_ex(ctx_out, tcti_name, tcti_conf); several
// lines of the function body are missing from this listing.
101#if defined(BOTAN_HAS_TPM2)
// Only ctx_out is rejected when null; tcti_name and tcti_conf are each optional.
103 if(ctx_out ==
nullptr) {
106 auto ctx = std::make_unique<botan_tpm2_ctx_wrapper>();
// Each nullable C string is converted to std::optional<std::string>. The null
// branches are not shown (presumably an empty optional). Non-null values must
// be NUL-terminated.
108 auto tcti_name_str = [=]() -> std::optional<std::string> {
109 if(tcti_name ==
nullptr) {
112 return std::string(tcti_name);
116 auto tcti_conf_str = [=]() -> std::optional<std::string> {
117 if(tcti_conf ==
nullptr) {
120 return std::string(tcti_conf);
// The heap-allocated handle is given to the caller, who is expected to release
// it with botan_tpm2_ctx_destroy().
125 *ctx_out =
new botan_tpm2_ctx_struct(std::move(ctx));
// Fragment of botan_tpm2_ctx_from_esys(ctx_out, esys_ctx), which builds a handle
// around an ESYS_CONTEXT supplied by the caller.
135#if defined(BOTAN_HAS_TPM2)
// Both pointers are required, so the null check covers each of them.
137 if(ctx_out ==
nullptr || esys_ctx ==
nullptr) {
// NOTE(review): the line that wraps esys_ctx is not shown. Confirm that the
// caller remains responsible for finalizing esys_ctx and must keep it valid for
// as long as the returned handle is in use.
141 auto ctx = std::make_unique<botan_tpm2_ctx_wrapper>();
143 *ctx_out =
new botan_tpm2_ctx_struct(std::move(ctx));
// Fragment of botan_tpm2_ctx_enable_crypto_backend(ctx, rng), which switches the
// context to Botan's crypto backend using the RNG supplied by the caller.
153#if defined(BOTAN_HAS_TPM2)
154 return BOTAN_FFI_VISIT(ctx, [=](botan_tpm2_ctx_wrapper& ctx_wrapper) ->
int {
// rng_ref is bound on a line not shown (presumably safe_get(rng)). The
// shared_ptr below only aliases it: the no-op deleter means it neither owns the
// RNG nor extends its lifetime. If the caller destroys the botan_rng_t while
// the context still uses the crypto backend, the backend is left holding a
// dangling pointer. The caller must keep the RNG alive for as long as the
// context is in use.
160 std::shared_ptr<Botan::RandomNumberGenerator> rng_ptr(&rng_ref, [](
auto*) {});
161 ctx_wrapper.ctx->use_botan_crypto_backend(rng_ptr);
176#if defined(BOTAN_HAS_TPM2)
185 ESYS_CONTEXT* esys_ctx,
// Fragment of botan_tpm2_enable_crypto_backend(cbs_out, esys_ctx, rng), the
// variant that works on a bare ESYS_CONTEXT rather than a Botan context handle.
187#if defined(BOTAN_HAS_TPM2_CRYPTO_BACKEND)
// Both the out-parameter and the ESYS context are required.
189 if(cbs_out ==
nullptr || esys_ctx ==
nullptr) {
// Non-owning alias of the caller's RNG: the no-op deleter never frees it and
// does not keep it alive. rng_ref is bound on a line not shown.
// NOTE(review): the RNG presumably has to outlive the crypto backend state
// returned through cbs_out, i.e. until botan_tpm2_crypto_backend_state_destroy().
// Confirm, and document it for callers.
197 std::shared_ptr<Botan::RandomNumberGenerator> rng_ptr(&rng_ref, [](
auto*) {});
208#if defined(BOTAN_HAS_TPM2_CRYPTO_BACKEND)
// Fragment of botan_tpm2_rng_init(rng_out, ctx, s1, s2, s3), which creates an
// RNG handle backed by the TPM.
221#if defined(BOTAN_HAS_TPM2)
222 return BOTAN_FFI_VISIT(ctx, [=](botan_tpm2_ctx_wrapper& ctx_wrapper) ->
int {
// The out-parameter is checked inside the visitor, before any allocation.
223 if(rng_out ==
nullptr) {
// The RNG receives the context's shared_ptr, so it presumably co-owns the
// Context, plus the session bundle built from s1..s3 (null handles allowed).
// Ownership of the new handle passes to the caller through *rng_out; it is
// released with botan_rng_destroy().
227 *rng_out =
new botan_rng_struct(
228 std::make_unique<Botan::TPM2::RandomNumberGenerator>(ctx_wrapper.ctx, sessions(s1, s2, s3)));
// Fragment of botan_tpm2_unauthenticated_session_init(session_out, ctx); the
// line that creates the session is not shown in this listing.
238#if defined(BOTAN_HAS_TPM2)
239 return BOTAN_FFI_VISIT(ctx, [=](botan_tpm2_ctx_wrapper& ctx_wrapper) ->
int {
// The out-parameter is checked before the wrapper is allocated.
240 if(session_out ==
nullptr) {
// NOTE(review): presumably filled from Session::unauthenticated_session(), whose
// declared defaults are "CFB(AES-256)" and "SHA-256". An unauthenticated session
// is not bound to a TPM key, so it does not authenticate the TPM end of the
// channel. Confirm that callers are told this.
244 auto session = std::make_unique<botan_tpm2_session_wrapper>();
// Ownership of the handle passes to the caller, who is expected to release it
// with botan_tpm2_session_destroy().
246 *session_out =
new botan_tpm2_session_struct(std::move(session));
256#if defined(BOTAN_HAS_TPM2)
static bool supports_botan_crypto_backend() noexcept
static std::shared_ptr< Context > create(const std::string &tcti_nameconf)
static std::shared_ptr< Session > unauthenticated_session(const std::shared_ptr< Context > &ctx, std::string_view sym_algo="CFB(AES-256)", std::string_view hash_algo="SHA-256")
struct botan_tpm2_session_struct * botan_tpm2_session_t
struct botan_tpm2_ctx_struct * botan_tpm2_ctx_t
struct botan_rng_struct * botan_rng_t
@ BOTAN_FFI_ERROR_NOT_IMPLEMENTED
@ BOTAN_FFI_ERROR_NULL_POINTER
struct botan_tpm2_crypto_backend_state_struct * botan_tpm2_crypto_backend_state_t
int botan_tpm2_ctx_enable_crypto_backend(botan_tpm2_ctx_t ctx, botan_rng_t rng)
int botan_tpm2_ctx_init_ex(botan_tpm2_ctx_t *ctx_out, const char *tcti_name, const char *tcti_conf)
int botan_tpm2_ctx_init(botan_tpm2_ctx_t *ctx_out, const char *tcti_nameconf)
int botan_tpm2_rng_init(botan_rng_t *rng_out, botan_tpm2_ctx_t ctx, botan_tpm2_session_t s1, botan_tpm2_session_t s2, botan_tpm2_session_t s3)
int botan_tpm2_ctx_from_esys(botan_tpm2_ctx_t *ctx_out, ESYS_CONTEXT *esys_ctx)
int botan_tpm2_ctx_destroy(botan_tpm2_ctx_t ctx)
int botan_tpm2_unauthenticated_session_init(botan_tpm2_session_t *session_out, botan_tpm2_ctx_t ctx)
int botan_tpm2_crypto_backend_state_destroy(botan_tpm2_crypto_backend_state_t cbs)
int botan_tpm2_session_destroy(botan_tpm2_session_t session)
int botan_tpm2_enable_crypto_backend(botan_tpm2_crypto_backend_state_t *cbs_out, ESYS_CONTEXT *esys_ctx, botan_rng_t rng)
int botan_tpm2_supports_crypto_backend()
#define BOTAN_FFI_VISIT(obj, lambda)
#define BOTAN_FFI_CHECKED_DELETE(o)
#define BOTAN_FFI_DECLARE_STRUCT(NAME, TYPE, MAGIC)
std::unique_ptr< CryptoCallbackState > use_botan_crypto_backend(ESYS_CONTEXT *context, const std::shared_ptr< Botan::RandomNumberGenerator > &rng)
T & safe_get(botan_struct< T, M > *p)
int ffi_guard_thunk(const char *func_name, const std::function< int()> &thunk)