Make PCR Selection optional for create_{primary_,}key

Fixes: 163
Signed-off-by: Patrick Uiterwijk <[email protected]>

Author: puiterwijk

src/abstraction/ek.rs

@@ -6,7 +6,6 @@ use crate::{
     constants::{algorithm::AsymmetricAlgorithm, tss::*},
     handles::{AuthHandle, KeyHandle, NvIndexTpmHandle, TpmHandle},
     interface_types::resource_handles::Hierarchy,
-    structures::PcrSelectionListBuilder,
     tss2_esys::{
         TPM2B_ECC_PARAMETER, TPM2B_PUBLIC, TPM2B_PUBLIC_KEY_RSA, TPMS_ECC_PARMS, TPMS_ECC_POINT,
         TPMS_RSA_PARMS, TPMS_SCHEME_HASH, TPMT_ECC_SCHEME, TPMT_KDF_SCHEME, TPMT_RSA_SCHEME,
@@ -114,18 +113,9 @@ fn create_ek_public_from_default_template(alg: AsymmetricAlgorithm) -> Result<TP
 pub fn create_ek_object(context: &mut Context, alg: AsymmetricAlgorithm) -> Result<KeyHandle> {
     let ek_public = create_ek_public_from_default_template(alg)?;
 
-    let creation_pcrs = PcrSelectionListBuilder::new().build();
-
     Ok(context
         .execute_with_nullauth_session(|ctx| {
-            ctx.create_primary_key(
-                Hierarchy::Endorsement,
-                &ek_public,
-                None,
-                None,
-                None,
-                creation_pcrs,
-            )
+            ctx.create_primary_key(Hierarchy::Endorsement, &ek_public, None, None, None, None)
         })?
         .key_handle)
 }

src/abstraction/transient.rs

@@ -18,9 +18,7 @@ use crate::constants::tss::*;
 use crate::constants::types::session::SessionType;
 use crate::handles::KeyHandle;
 use crate::interface_types::resource_handles::Hierarchy;
-use crate::structures::{
-    Auth, CreateKeyResult, Data, Digest, PcrSelectionListBuilder, PublicKeyRSA, VerifiedTicket,
-};
+use crate::structures::{Auth, CreateKeyResult, Data, Digest, PublicKeyRSA, VerifiedTicket};
 use crate::tcti::Tcti;
 use crate::tss2_esys::*;
 use crate::utils::{
@@ -111,8 +109,6 @@ impl TransientKeyContext {
             None
         };
 
-        let creation_pcrs = PcrSelectionListBuilder::new().build();
-
         self.set_session_attrs()?;
         let CreateKeyResult {
             out_private,
@@ -124,7 +120,7 @@ impl TransientKeyContext {
             key_auth.as_ref(),
             None,
             None,
-            creation_pcrs,
+            None,
         )?;
         self.set_session_attrs()?;
         let key_handle = self
@@ -676,8 +672,6 @@ impl TransientKeyContextBuilder {
             context.tr_set_auth(self.hierarchy.into(), &auth_hierarchy)?;
         }
 
-        let creation_pcrs = PcrSelectionListBuilder::new().build();
-
         let session = context
             .start_auth_session(
                 None,
@@ -711,7 +705,7 @@ impl TransientKeyContextBuilder {
                 root_key_auth.as_ref(),
                 None,
                 None,
-                creation_pcrs,
+                None,
             )?
             .key_handle;
 

src/context.rs

@@ -370,7 +370,7 @@ impl Context {
         auth_value: Option<&Auth>,
         initial_data: Option<&SensitiveData>,
         outside_info: Option<&Data>,
-        creation_pcrs: PcrSelectionList,
+        creation_pcrs: Option<PcrSelectionList>,
     ) -> Result<CreatePrimaryKeyResult> {
         let sensitive_create = TPM2B_SENSITIVE_CREATE {
             size: std::mem::size_of::<TPMS_SENSITIVE_CREATE>()
@@ -381,6 +381,7 @@ impl Context {
                 data: TPM2B_SENSITIVE_DATA::try_from(initial_data.cloned().unwrap_or_default())?,
             },
         };
+        let creation_pcrs = PcrSelectionList::list_from_option(creation_pcrs);
 
         let mut outpublic = null_mut();
         let mut creation_data = null_mut();
@@ -457,7 +458,7 @@ impl Context {
         auth_value: Option<&Auth>,
         initial_data: Option<&SensitiveData>,
         outside_info: Option<&Data>,
-        creation_pcrs: PcrSelectionList,
+        creation_pcrs: Option<PcrSelectionList>,
     ) -> Result<CreateKeyResult> {
         let sensitive_create = TPM2B_SENSITIVE_CREATE {
             size: std::mem::size_of::<TPMS_SENSITIVE_CREATE>()
@@ -468,6 +469,7 @@ impl Context {
                 data: TPM2B_SENSITIVE_DATA::try_from(initial_data.cloned().unwrap_or_default())?,
             },
         };
+        let creation_pcrs = PcrSelectionList::list_from_option(creation_pcrs);
 
         let mut outpublic = null_mut();
         let mut outprivate = null_mut();

src/structures/lists/pcr_selection.rs

@@ -26,6 +26,13 @@ impl PcrSelectionList {
         self.items.is_empty()
     }
 
+    /// Function for retrieving the PcrSelectionList from Option<PcrSelectionList>
+    ///
+    /// This returns an empty list if None is passed
+    pub fn list_from_option(pcr_list: Option<PcrSelectionList>) -> PcrSelectionList {
+        pcr_list.unwrap_or_else(|| PcrSelectionListBuilder::new().build())
+    }
+
     /// Removes items in `other` from `self.
     ///
     /// # Arguments