Adds the 'Saved' interface type.

Superhepper · Superhepper · commit 067702d369fb · 2024-03-16T09:10:23.000+01:00
- Adds a native version of the Saved interface
  type.

Signed-off-by: Jesper Brynolf &lt;jesper.brynolf@gmail.com&gt;
diff --git a/tss-esapi/src/constants/tss.rs b/tss-esapi/src/constants/tss.rs
@@ -644,6 +644,10 @@ pub const TSS2_RESMGR_TPM_RC_LAYER: TSS2_RC = 0x000C0000; /* base is a TPM2_RC_*
 
 pub const TSS2_RC_SUCCESS: TSS2_RC = 0x00000000;
 
+pub const TPMI_DH_SAVED_TRANSIENT: TPMI_DH_SAVED = 0x80000000; /* an ordinary transient object */
+pub const TPMI_DH_SAVED_SEQUENCE: TPMI_DH_SAVED = 0x80000001; /* a sequence object */
+pub const TPMI_DH_SAVED_TRANSIENT_CLEAR: TPMI_DH_SAVED = 0x80000002; /* a transient object with the stClear attribute SET */
+
 pub use crate::tss2_esys::TSS2_BASE_RC_ABI_MISMATCH; /* Passed in ABI version doesn't match called module's ABI version */
 pub use crate::tss2_esys::TSS2_BASE_RC_BAD_CONTEXT; /* A context structure is bad */
 pub use crate::tss2_esys::TSS2_BASE_RC_BAD_REFERENCE; /* A pointer is NULL that isn't allowed to be NULL. */
diff --git a/tss-esapi/src/handles/tpm.rs b/tss-esapi/src/handles/tpm.rs
@@ -326,7 +326,10 @@ pub mod saved_session {
 pub mod transient {
     //! Module for transient TPM handles
     use super::*;
-    use crate::constants::tss::{TPM2_HT_TRANSIENT, TPM2_TRANSIENT_FIRST, TPM2_TRANSIENT_LAST};
+    use crate::constants::tss::{
+        TPM2_HT_TRANSIENT, TPM2_TRANSIENT_FIRST, TPM2_TRANSIENT_LAST, TPMI_DH_SAVED_SEQUENCE,
+        TPMI_DH_SAVED_TRANSIENT, TPMI_DH_SAVED_TRANSIENT_CLEAR,
+    };
 
     create_tpm_handle_type!(
         TransientTpmHandle,
@@ -335,6 +338,13 @@ pub mod transient {
         TPM2_TRANSIENT_FIRST,
         TPM2_TRANSIENT_LAST
     );
+    add_constant_handle!(TransientTpmHandle, SavedTransient, TPMI_DH_SAVED_TRANSIENT);
+    add_constant_handle!(TransientTpmHandle, SavedSequence, TPMI_DH_SAVED_SEQUENCE);
+    add_constant_handle!(
+        TransientTpmHandle,
+        SavedTransientClear,
+        TPMI_DH_SAVED_TRANSIENT_CLEAR
+    );
 }
 
 pub mod persistent {
diff --git a/tss-esapi/src/interface_types/data_handles.rs b/tss-esapi/src/interface_types/data_handles.rs
@@ -4,7 +4,7 @@ use crate::{
         HmacSessionTpmHandle, NvIndexTpmHandle, PcrTpmHandle, PersistentTpmHandle,
         PolicySessionTpmHandle, TpmHandle, TransientTpmHandle,
     },
-    tss2_esys::TPMI_DH_CONTEXT,
+    tss2_esys::{TPMI_DH_CONTEXT, TPMI_DH_SAVED},
     Error, Result, WrapperErrorKind,
 };
 use std::convert::TryFrom;
@@ -27,7 +27,6 @@ pub enum Parent {
     Endorsement,
 }
 
-///
 /// Enum representing the Persistent DH interface type
 /// (TPMI_DH_PERSISTENT)
 ///
@@ -72,6 +71,10 @@ pub enum Pcr {
 ///
 /// # Details
 /// This corresponds to the TPMI_DH_CONTEXT interface type.
+/// This corresponds to the TPMI_DH_CONTEXT interface type. This only
+/// exist for compatibility purposes the specification is not entirely
+/// clear on whether this should still be used or be completely replaced by
+/// [Saved].
 #[derive(Debug, Copy, Clone, Eq, PartialEq)]
 pub enum ContextDataHandle {
     Hmac(HmacSessionTpmHandle),
@@ -109,3 +112,53 @@ impl TryFrom<TPMI_DH_CONTEXT> for ContextDataHandle {
         })
     }
 }
+
+/// Enum representing the 'Saved' data handles interface type.
+///
+/// # Details
+/// This corresponds to the TPMI_DH_SAVED interface type.
+#[derive(Debug, Copy, Clone, Eq, PartialEq)]
+pub enum Saved {
+    Hmac(HmacSessionTpmHandle),
+    Policy(PolicySessionTpmHandle),
+    Transient,
+    Sequence,
+    TransientClear,
+}
+
+impl From<HmacSessionTpmHandle> for Saved {
+    fn from(hmac_session_tpm_handle: HmacSessionTpmHandle) -> Self {
+        Saved::Hmac(hmac_session_tpm_handle)
+    }
+}
+
+impl From<PolicySessionTpmHandle> for Saved {
+    fn from(policy_session_tpm_handle: PolicySessionTpmHandle) -> Self {
+        Saved::Policy(policy_session_tpm_handle)
+    }
+}
+
+impl TryFrom<TransientTpmHandle> for Saved {
+    type Error = Error;
+    fn try_from(transient_tpm_handle: TransientTpmHandle) -> Result<Self> {
+        match transient_tpm_handle {
+            TransientTpmHandle::SavedTransient => Ok(Saved::Transient),
+            TransientTpmHandle::SavedSequence => Ok(Saved::Sequence),
+            TransientTpmHandle::SavedTransientClear => Ok(Saved::TransientClear),
+            _ => Err(Error::local_error(WrapperErrorKind::InvalidParam)),
+        }
+    }
+}
+
+impl TryFrom<TPMI_DH_SAVED> for Saved {
+    type Error = Error;
+
+    fn try_from(ffi: TPMI_DH_SAVED) -> Result<Self> {
+        TpmHandle::try_from(ffi).and_then(|tpm_handle| match tpm_handle {
+            TpmHandle::HmacSession(handle) => Ok(Self::Hmac(handle)),
+            TpmHandle::PolicySession(handle) => Ok(Self::Policy(handle)),
+            TpmHandle::Transient(handle) => Saved::try_from(handle),
+            _ => Err(Error::local_error(WrapperErrorKind::InvalidParam)),
+        })
+    }
+}
diff --git a/tss-esapi/tests/integration_tests/interface_types_tests/data_handles_tests.rs b/tss-esapi/tests/integration_tests/interface_types_tests/data_handles_tests.rs
@@ -4,18 +4,20 @@ use std::convert::TryFrom;
 use tss_esapi::{
     constants::tss::{
         TPM2_HMAC_SESSION_LAST, TPM2_PERMANENT_LAST, TPM2_POLICY_SESSION_LAST, TPM2_TRANSIENT_LAST,
+        TPMI_DH_SAVED_SEQUENCE, TPMI_DH_SAVED_TRANSIENT, TPMI_DH_SAVED_TRANSIENT_CLEAR,
     },
     handles::{HmacSessionTpmHandle, PolicySessionTpmHandle, TransientTpmHandle},
-    interface_types::data_handles::ContextDataHandle,
+    interface_types::data_handles::{ContextDataHandle, Saved},
     Error, WrapperErrorKind,
 };
 
-macro_rules! context_data_handle_valid_conversions {
-    (ContextDataHandle::$enum_item:ident, $handle_type:ident, $tss:ident) => {
-        let context_data_handle = ContextDataHandle::try_from($tss).unwrap_or_else(|_| {
+macro_rules! test_valid_conversions_for_range_enum_items {
+    ($enum_type:ident::$enum_item:ident, $handle_type:ident, $tss:ident) => {
+        let actual_enum_item = $enum_type::try_from($tss).unwrap_or_else(|_| {
             panic!(
-                "Converting {} into ContextDataHandle should not cause an error.",
-                std::stringify!($tss)
+                "Converting {} into {} should not cause an error.",
+                std::stringify!($tss),
+                std::any::type_name::<$enum_type>(),
             );
         });
         let expected_handle = $handle_type::try_from($tss).unwrap_or_else(|_| {
@@ -25,40 +27,89 @@ macro_rules! context_data_handle_valid_conversions {
                 std::stringify!($handle_type)
             );
         });
-        if let ContextDataHandle::$enum_item(actual_handle) = context_data_handle {
+        if let $enum_type::$enum_item(actual_handle) = actual_enum_item {
             assert_eq!(
                 expected_handle,
                 actual_handle,
-                "{} was converted into the expected handle.",
+                "{} was not converted into the expected handle.",
                 std::stringify!($tss)
             );
         } else {
             panic!(
-                "{} should convert into a {}",
+                "{} should convert into a {}.",
                 std::stringify!($tss),
-                std::stringify!(ContextDataHandle::$enum_item)
+                std::stringify!($enum_type::$enum_item)
             );
         }
         assert_eq!(
-            context_data_handle,
-            ContextDataHandle::from(expected_handle)
+            actual_enum_item,
+            $enum_type::try_from(expected_handle).unwrap_or_else(|_| {
+                panic!(
+                    "Should be possible to convert {:?} into {}.",
+                    expected_handle,
+                    std::any::type_name::<$enum_type>()
+                )
+            })
         );
     };
 }
 
+macro_rules! test_valid_conversions_constant_handle_value {
+    ($enum_type:ident::$enum_item:ident, $handle_type:ident::$constant_item:ident, $tss:ident) => {
+        let actual_enum_item = $enum_type::try_from($tss).unwrap_or_else(|_| {
+            panic!(
+                "Converting {} into {} should not cause an error.",
+                std::stringify!($tss),
+                std::any::type_name::<$enum_type>(),
+            );
+        });
+        let expected_handle = $handle_type::$constant_item;
+        assert_eq!(
+            actual_enum_item,
+            $enum_type::try_from(expected_handle).unwrap_or_else(|_| {
+                panic!(
+                    "Should be possible to convert {:?} into {}.",
+                    expected_handle,
+                    std::any::type_name::<$enum_type>()
+                )
+            })
+        );
+    };
+}
+
+macro_rules! test_invalid_conversions {
+    ($enum_type:ident, $invalid_value:ident, WrapperErrorKind::$error_kind:ident) => {
+        let result = $enum_type::try_from($invalid_value);
+        if let Err(error) = result {
+            assert_eq!(
+                Error::WrapperError(WrapperErrorKind::$error_kind),
+                error,
+                "Converting an invalid value {} did not produce the expected error: {}.",
+                std::stringify!($invalid_value),
+                std::stringify!(Error::WrapperError(WrapperErrorKind::$error_kind)),
+            );
+        } else {
+            panic!(
+                "Converting an invalid value {} did not produce an error.",
+                std::stringify!($invalid_value)
+            );
+        }
+    };
+}
+
 #[test]
 fn test_context_data_handle_valid_conversions() {
-    context_data_handle_valid_conversions!(
+    test_valid_conversions_for_range_enum_items!(
         ContextDataHandle::Hmac,
         HmacSessionTpmHandle,
         TPM2_HMAC_SESSION_LAST
     );
-    context_data_handle_valid_conversions!(
+    test_valid_conversions_for_range_enum_items!(
         ContextDataHandle::Policy,
         PolicySessionTpmHandle,
         TPM2_POLICY_SESSION_LAST
     );
-    context_data_handle_valid_conversions!(
+    test_valid_conversions_for_range_enum_items!(
         ContextDataHandle::Transient,
         TransientTpmHandle,
         TPM2_TRANSIENT_LAST
@@ -67,10 +118,44 @@ fn test_context_data_handle_valid_conversions() {
 
 #[test]
 fn test_context_data_handle_invalid_conversion() {
-    let result = ContextDataHandle::try_from(TPM2_PERMANENT_LAST);
-    if let Err(error) = result {
-        assert_eq!(Error::WrapperError(WrapperErrorKind::InvalidParam), error);
-    } else {
-        panic!("Converting an invalid value `TPM2_PERMANENT_LAST` into a ContextDataHandle should produce an error.");
-    }
+    test_invalid_conversions!(
+        ContextDataHandle,
+        TPM2_PERMANENT_LAST,
+        WrapperErrorKind::InvalidParam
+    );
+}
+
+#[test]
+fn test_saved_valid_conversions() {
+    test_valid_conversions_for_range_enum_items!(
+        Saved::Hmac,
+        HmacSessionTpmHandle,
+        TPM2_HMAC_SESSION_LAST
+    );
+    test_valid_conversions_for_range_enum_items!(
+        Saved::Policy,
+        PolicySessionTpmHandle,
+        TPM2_POLICY_SESSION_LAST
+    );
+    test_valid_conversions_constant_handle_value!(
+        Saved::Transient,
+        TransientTpmHandle::SavedTransient,
+        TPMI_DH_SAVED_TRANSIENT
+    );
+    test_valid_conversions_constant_handle_value!(
+        Saved::Sequence,
+        TransientTpmHandle::SavedSequence,
+        TPMI_DH_SAVED_SEQUENCE
+    );
+    test_valid_conversions_constant_handle_value!(
+        Saved::TransientClear,
+        TransientTpmHandle::SavedTransientClear,
+        TPMI_DH_SAVED_TRANSIENT_CLEAR
+    );
+}
+
+#[test]
+fn test_saved_invalid_conversions() {
+    test_invalid_conversions!(Saved, TPM2_PERMANENT_LAST, WrapperErrorKind::InvalidParam);
+    test_invalid_conversions!(Saved, TPM2_TRANSIENT_LAST, WrapperErrorKind::InvalidParam);
 }
