RPM Package Manager, CVS Repository http://rpm5.org/cvs/ ____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson Root: /v/rpm/cvs Email: j...@rpm5.org Module: libtpm Date: 16-Sep-2013 17:13:28 Branch: HEAD Handle: 2013091615132700 Modified files: libtpm/libtpm/utils createkey.c session.c Log: - WIP. Summary: Revision Changes Path 1.15 +1 -1 libtpm/libtpm/utils/createkey.c 1.13 +97 -121 libtpm/libtpm/utils/session.c ____________________________________________________________________________ patch -p0 <<'@@ .' Index: libtpm/libtpm/utils/createkey.c ============================================================================ $ cvs diff -u -r1.14 -r1.15 createkey.c --- libtpm/libtpm/utils/createkey.c 15 Sep 2013 22:22:05 -0000 1.14 +++ libtpm/libtpm/utils/createkey.c 16 Sep 2013 15:13:27 -0000 1.15 @@ -158,7 +158,7 @@ if (hp_str) sscanf(hp_str, "%x", &parhandle); if (kt_str) keytype = kt_str[0]; - TPM_setlog(0); /* turn off verbose output */ + TPM_setlog(rpmIsVerbose() ? 1 : 0); if (es_str) { if (!strcmp(es_str, "pkcsv15")) @@ . patch -p0 <<'@@ .' Index: libtpm/libtpm/utils/session.c ============================================================================ $ cvs diff -u -r1.12 -r1.13 session.c --- libtpm/libtpm/utils/session.c 15 Sep 2013 22:45:00 -0000 1.12 +++ libtpm/libtpm/utils/session.c 16 Sep 2013 15:13:27 -0000 1.13 @@ -8,6 +8,7 @@ #include "copyright.h" #include "system.h" +#include <argv.h> #include <poptIO.h> #define N_(_s) _s 
@@ -248,49 +249,62 @@ return ec; } +/* XXX row: keyhandle password */ +/* XXX test: id pwdtype enonce ssecret */ +/* XXX close: id */ +static char *rowpass; static char *ownerpass; static char *keypass; static char *srkpass; static uint32_t keyhandle = 0; -static char *key_str; - -static char *rowpass; -/* XXX keyhandle password */ -static char *row_str; - static int action = ACTION_OPEN; -static unsigned int id; -/* XXX id pwdtype enonce ssecret */ -static char *test_str; -/* XXX id */ -static char *close_str; - +static unsigned id; static uint32_t ekhandle = 0; static char *ekpass; + static char *ek_str; -static void usage(void) -{ - printf - ("Usage: session oiap|osap|dsap|transport|daa [close <id>] [Options]\n" - "\n" "Options are:\n" - "owner <owner password> : to use owner password\n" - "key <keyhandle> : to use a key handle\n" - "keypass <password> : password for the key given with 'key'\n" - "srkpass <password> : shortcut for specifying the SRK's password\n" - " it's not necessary to provide 'key'\n" - "row <row, delg. owner pwd>: in connection with DSAP session type this\n" - " allows to specify a row in the delegation\n" - " table; also need delegate owner pwd.\n" - "test <id> <owner|...> : to test a session with a given id\n" - " <enonce> <ssecret> that uses an owner or ... 
password\n" - "-ek : handle of encryption key; mandatory when using 'transport'.\n" - "-ekp : password for encryption key\n" "\n"); -} +static struct poptOption optionsTable[] = { + { "ek", '\0', POPT_ARG_STRING|POPT_ARGFLAG_ONEDASH, &ek_str, 0, + N_("Specify encryption key <handle>"), N_(" <handle>") }, + { "ekp", '\0', POPT_ARG_STRING|POPT_ARGFLAG_ONEDASH, &ekpass, 0, + N_("Specify encryption key <password>"), N_(" <password>") }, + + { NULL, (char)-1, POPT_ARG_INCLUDE_TABLE, NULL, 0, + N_("\ +Usage: session oiap|osap|dsap|transport|daa [close <id>] [Options]\n\ +\n\ +Options are:\n\ +owner <owner password> : to use owner password\n\ +key <keyhandle> : to use a key handle\n\ +keypass <password> : password for the key given with 'key'\n\ +srkpass <password> : shortcut for specifying the SRK's password\n\ + it's not necessary to provide 'key'\n\ +row <row, delg. owner pwd>: in connection with DSAP session type this\n\ + allows to specify a row in the delegation\n\ + table; also need delegate owner pwd.\n\ +test <id> <owner|...> : to test a session with a given id\n\ + <enonce> <ssecret> that uses an owner or ... password\n\ +-ek : handle of encryption key; mandatory when using 'transport'.\n\ +-ekp : password for encryption key\n\ +\n\ +"), NULL }, + + { NULL, '\0', POPT_ARG_INCLUDE_TABLE, rpmioAllPoptTable, 0, + N_("Common options:"), NULL }, + + POPT_AUTOALIAS + POPT_AUTOHELP + + POPT_TABLEEND +}; int main(int argc, char *argv[]) { + poptContext con = rpmioInit(argc, argv, optionsTable); + ARGV_t av = poptGetArgs(con); + int ac = argvCount(av); rpmtpm tpm = rpmtpmNew(argv, 0); int ec = -1; /* assume failure */ 
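Review bot: The new `optionsTable` keeps secrets on the command line: `ekp` takes `<password>` as its argument, and the embedded usage text documents `owner`, `keypass` and `srkpass` the same way. Command-line arguments are typically readable by other local users through the process list and are saved in shell history, so TPM owner and key passwords can leak outside the tool. Since parsing is being moved to popt anyway, consider an alternative source for them (a prompt without echo, or a file) and at least document the exposure above the table, e.g. `/* XXX passwords given on argv are visible in ps(1) and shell history */`. main's body continues outside this hunk.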
@@ -298,50 +312,44 @@ unsigned int type = 0; char *password = NULL; char *pwdtype = NULL; - unsigned char passHash[TPM_HASH_SIZE]; + + unsigned char passhash1[TPM_HASH_SIZE]; + unsigned int passwd_type = 0; session sess; unsigned char enonce[TPM_NONCE_SIZE]; unsigned char ssecret[TPM_HASH_SIZE]; -if (key_str) sscanf(key_str, "%x", &keyhandle); -if (row_str) sscanf(row_str, "%x", &keyhandle); + unsigned char ekpasshash[TPM_HASH_SIZE]; + unsigned char transpasshash[TPM_HASH_SIZE]; + char *transpass = "test"; if (ek_str) sscanf(ek_str, "%x", &ekhandle); -if (test_str) sscanf(test_str, "%x", &id); -if (test_str) action = ACTION_TEST; - -if (close_str) sscanf(close_str, "%x", &id); -if (close_str) action = ACTION_CLOSE; + TPM_setlog(rpmIsVerbose() ? 1 : 0); - TPM_setlog(0); - - while (i < argc) { - if (!strcmp("owner", argv[i])) { + for (i = 0; i < ac; i++) { + if (!strcmp("owner", av[i])) { i++; - if (i >= argc) { + if (i >= ac) { printf("Missing owner password!\n"); - usage(); goto exit; } - ownerpass = argv[i]; - } else if (!strcmp("key", argv[i])) { + ownerpass = (char *) av[i]; + } else if (!strcmp("key", av[i])) { i++; - if (i >= argc) { + if (i >= ac) { printf("Missing key handle!\n"); - usage(); goto exit; } - if (sscanf(argv[i], "%x", &keyhandle) != 1) { + if (sscanf(av[i], "%x", &keyhandle) != 1) { printf("Could not scan the keyhandle.\n"); goto exit; } - } else if (!strcmp("row", argv[i])) { + } else if (!strcmp("row", av[i])) { i++; - if (i >= argc) { + if (i >= ac) { printf("Missing row index!\n"); - usage(); goto exit; } /* 
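Review bot: The context line `if (ek_str) sscanf(ek_str, "%x", &ekhandle);` ignores sscanf's result, and with this commit it becomes the only parser for `-ek`, because the checked `-ek` branch is removed from the argument loop in the @@ -349,122 hunk. A malformed handle now leaves `ekhandle` at 0, and the user only sees the later "You must provide '-ek' and '-ekp'." message from the transport branch. I would keep the old diagnostic here: `if (ek_str && sscanf(ek_str, "%x", &ekhandle) != 1) { printf("Could not read encryption key handle.\n"); goto exit; }`. main starts before this hunk and continues past it.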
@@ -349,122 +357,93 @@ since it is not used in the TPM_DSAP command when using TPM_ET_DEL_ROW. */ - if (sscanf(argv[i], "%x", &keyhandle) != 1) { + if (sscanf(av[i], "%x", &keyhandle) != 1) { printf("Could not scan the keyhandle.\n"); goto exit; } i++; - if (i >= argc) { + if (i >= ac) { printf("Missing owner password!\n"); - usage(); goto exit; } - rowpass = argv[i]; - } else if (!strcmp("keypass", argv[i])) { + rowpass = (char *) av[i]; + } else if (!strcmp("keypass", av[i])) { i++; - if (i >= argc) { + if (i >= ac) { printf("Missing key password!\n"); - usage(); goto exit; } - keypass = argv[i]; - } else if (!strcmp("srkpass", argv[i])) { + keypass = (char *) av[i]; + } else if (!strcmp("srkpass", av[i])) { i++; - if (i >= argc) { + if (i >= ac) { printf("Missing SRK key password!\n"); - usage(); goto exit; } - srkpass = argv[i]; - } else if (!strcmp("test", argv[i])) { + srkpass = (char *) av[i]; + } else if (!strcmp("test", av[i])) { i++; - if (i >= argc) { + if (i >= ac) { printf("Missing id!\n"); - usage(); goto exit; } - if (sscanf(argv[i], "%x", &id) != 1) { + if (sscanf(av[i], "%x", &id) != 1) { printf("Could not read session id " - "from parameter '%s'.\n", argv[i]); + "from parameter '%s'.\n", av[i]); goto exit; } i++; - if (i >= argc) { + if (i >= ac) { printf("Missing password type!\n"); - usage(); goto exit; } - pwdtype = argv[i]; + pwdtype = (char *) av[i]; i++; - if (i >= argc) { + if (i >= ac) { printf("Missing even nonce!\n"); - usage(); goto exit; } - if (parseHash(argv[i], enonce) != 0) { + if (parseHash((char *)av[i], enonce) != 0) { printf("Error parsing nonce.\n"); goto exit; } i++; - if (i >= argc) { + if (i >= ac) { printf("Missing session secret!\n"); - usage(); goto exit; } - if (parseHash(argv[i], ssecret) != 0) { + if (parseHash((char *)av[i], ssecret) != 0) { printf("Error parsing session secret.\n"); goto exit; } action = ACTION_TEST; - } else if (!strcmp("osap", argv[i])) { + } else if (!strcmp("osap", av[i])) { type = SESSION_OSAP; 
- } else if (!strcmp("oiap", argv[i])) { + } else if (!strcmp("oiap", av[i])) { type = SESSION_OIAP; - } else if (!strcmp("dsap", argv[i])) { + } else if (!strcmp("dsap", av[i])) { type = SESSION_DSAP; - } else if (!strcmp("transport", argv[i])) { + } else if (!strcmp("transport", av[i])) { type = SESSION_TRAN; - } else if (!strcmp("daa", argv[i])) { + } else if (!strcmp("daa", av[i])) { type = SESSION_DAA; - } else if (!strcmp("close", argv[i])) { + } else if (!strcmp("close", av[i])) { i++; - if (i >= argc) { + if (i >= ac) { printf("Missing session number!\n"); - usage(); goto exit; } - if (sscanf(argv[i], "%x", &id) != 1) { + if (sscanf(av[i], "%x", &id) != 1) { printf("Could not read session id " - "from parameter '%s'.\n", argv[i]); + "from parameter '%s'.\n", av[i]); goto exit; } action = ACTION_CLOSE; - } else if (!strcmp("-ek", argv[i])) { - i++; - if (i >= argc) { - printf("Missing argument for '-ek'.\n"); - goto exit; - } - if (sscanf(argv[i], "%x", &ekhandle) != 1) { - printf("Could not read encryption key handle.\n"); - goto exit; - } - } else if (!strcmp("-ekp", argv[i])) { - i++; - if (i >= argc) { - printf("Missing argument for '-ekp'.\n"); - goto exit; - } - ekpass = argv[i]; - } else if (!strcmp("-v", argv[i])) { - TPM_setlog(1); } else { - printf("\n%s is not a valid option\n", argv[i]); - usage(); + printf("\n%s is not a valid option\n", av[i]); goto exit; } - i++; } if (ownerpass) { @@ -485,7 +464,7 @@ } if (password) { - TSS_sha1(password, strlen(password), passHash); + TSS_sha1(password, strlen(password), passhash1); } if (type == 0) { @@ -499,7 +478,7 @@ default: ec = rpmtpmErr(tpm, "SessionOpen", 0, TSS_SessionOpen(type, &sess, - passHash, passwd_type, keyhandle)); + passhash1, passwd_type, keyhandle)); if (ec) { printf("Error %s while opening session.\n", TPM_GetErrMsg(ec)); goto exit; 
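Review bot: The argument loop in the @@ -349,122 hunk stores popt's leftover arguments through casts such as `ownerpass = (char *) av[i];` and `parseHash((char *)av[i], enonce)`, which discards the const qualifier that `ARGV_t` presumably carries. Declaring the password statics as `static const char *ownerpass;` (and `keypass`, `srkpass`, `rowpass` likewise) would remove the casts on the assignments and let the compiler catch an accidental write into popt-owned storage; if `TSS_sha1` or `parseHash` take non-const pointers, the cast belongs at those call sites. These pointers alias memory owned by `con`, so a short comment at the declarations should say they must not be used after `rpmioFini(con)`. The loop begins in the previous hunk.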
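Review bot: `passhash1` is written only inside `if (password) { TSS_sha1(...); }` in the @@ -485,7 hunk, yet the @@ -499,7 hunk hands it to `TSS_SessionOpen`, and the @@ -566,7 and @@ -615,7 hunks pass it to `TPM_DAA_Join` and `memcpy(sess.authdata, passhash1, TPM_AUTHDATA_SIZE)`. If no password argument was given, those calls read an uninitialized stack buffer as authorization data; whether an earlier check rules that out is not visible in these hunks. Initializing at the declaration added in the @@ -298,50 hunk, `unsigned char passhash1[TPM_HASH_SIZE] = { 0 };`, makes the behaviour deterministic. The actions that need authorization should also reject a NULL `password` before the hash is used.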
@@ -523,9 +502,6 @@ break; case SESSION_TRAN: { - unsigned char ekpasshash[TPM_HASH_SIZE]; - unsigned char transPassHash[TPM_HASH_SIZE]; - char *transPass = "test"; if (ekhandle == 0 || ekpass == NULL) { printf("You must provide '-ek' and '-ekp'.\n"); goto exit; @@ -533,10 +509,10 @@ TSS_sha1(ekpass, strlen(ekpass), ekpasshash); - TSS_sha1(transPass, strlen(transPass), transPassHash); + TSS_sha1(transpass, strlen(transpass), transpasshash); ec = createTransport(tpm, ekhandle, - ekpasshash, transPassHash, &sess); + ekpasshash, transpasshash, &sess); if (ec) { printf("Error while creating transport: '%s'\n", TPM_GetErrMsg(ec)); goto exit; @@ -566,7 +542,7 @@ } ec = rpmtpmErr(tpm, "DAA_Join", 0, TPM_DAA_Join(0, - passHash, + passhash1, 0, (unsigned char *) &inputData0, inputData0Size, (unsigned char *) &dummy, @@ -615,7 +591,7 @@ } sess.type.oiap.handle = id; memcpy(sess.type.oiap.enonce, enonce, TPM_NONCE_SIZE); - memcpy(sess.authdata, passHash, TPM_AUTHDATA_SIZE); + memcpy(sess.authdata, passhash1, TPM_AUTHDATA_SIZE); if (!strcmp(pwdtype, "owner")) { ec = TestOSAPOwner(tpm, &sess); if (ec) { @@ -683,7 +659,6 @@ printf("\n"); } else { printf("Error. Unknown password type.\n"); - usage(); goto exit; } break; @@ -722,7 +697,6 @@ TSS_Session_GetAuth(&sess), TPM_HASH_SIZE); } else { printf("Error. Unknown password type.\n"); - usage(); goto exit; } break; @@ -733,8 +707,10 @@ } break; } + ec = 0; exit: tpm = rpmtpmFree(tpm); + con = rpmioFini(con); return ec; } @@ . ______________________________________________________________________ RPM Package Manager http://rpm5.org CVS Sources Repository rpm-cvs@rpm5.org
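Review bot: The transport session's authorization is derived from the fixed string `char *transpass = "test";`, which this commit moves to the top of main; the @@ -533,10 hunk hashes it and passes the result to `createTransport`. Every transport session the tool opens therefore uses the same publicly known secret. If that is intentional for a test utility, say so next to the declaration, e.g. `/* XXX fixed transport password: test tool only */`. Otherwise take the value from an option, the way `-ekp` supplies `ekpass`.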
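Review bot: The added `ec = 0;` just before the `exit:` label in the @@ -733,8 hunk forces a success status on every path that leaves the switch with `break`. Any branch that stored a failure in `ec` and then fell through instead of taking `goto exit` would now make the tool exit 0; the branches are not fully visible in these hunks, so this needs a check against the whole switch. Setting `ec = 0` inside each branch only after its call has been verified would keep the "assume failure" default meaningful and avoid masking an error from scripts that test the exit status.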