diff options
author | Grigori Goronzy <greg@chown.ath.cx> | 2022-02-18 11:51:25 +0100 |
---|---|---|
committer | Grigori Goronzy <greg@chown.ath.cx> | 2022-03-15 21:17:00 +0100 |
commit | 6c7a1681052c37ef354a000355c4c0d676113a1a (patch) | |
tree | 7aed1aa383eee6f56037b782048d0909638b19c5 /src/shared/tpm2-util.h | |
parent | 2f5a892aa0d70aa4f1f10c8dba495ad52bc02bc3 (diff) | |
download | systemd-6c7a1681052c37ef354a000355c4c0d676113a1a.tar.gz |
cryptenroll: add support for TPM2 pin
Add support for PIN enrollment with TPM2. A new "tpm2-pin" field is
introduced into metadata to signal that the policy needs to include a
PIN.
v2: fix tpm2_make_luks2_json in sd-repart
Diffstat (limited to 'src/shared/tpm2-util.h')
-rw-r--r-- | src/shared/tpm2-util.h | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/shared/tpm2-util.h b/src/shared/tpm2-util.h index 784e9fd11e..5a9bcf8c24 100644 --- a/src/shared/tpm2-util.h +++ b/src/shared/tpm2-util.h @@ -6,6 +6,10 @@ #include "json.h" #include "macro.h" +typedef enum TPM2Flags { + TPM2_FLAGS_USE_PIN = 1 << 0, +} TPM2Flags; + #if HAVE_TPM2 #include <tss2/tss2_esys.h> @@ -49,7 +53,7 @@ int tpm2_find_device_auto(int log_level, char **ret); int tpm2_parse_pcrs(const char *s, uint32_t *ret); -int tpm2_make_luks2_json(int keyslot, uint32_t pcr_mask, uint16_t pcr_bank, uint16_t primary_alg, const void *blob, size_t blob_size, const void *policy_hash, size_t policy_hash_size, JsonVariant **ret); +int tpm2_make_luks2_json(int keyslot, uint32_t pcr_mask, uint16_t pcr_bank, uint16_t primary_alg, const void *blob, size_t blob_size, const void *policy_hash, size_t policy_hash_size, TPM2Flags flags, JsonVariant **ret); #define TPM2_PCRS_MAX 24 |