RPM Package Manager, CVS Repository
  http://rpm5.org/cvs/
  ____________________________________________________________________________

  Server: rpm5.org                         Name:   Jeff Johnson
  Root:   /v/rpm/cvs                       Email:  j...@rpm5.org
  Module: libtpm                           Date:   16-Sep-2013 17:13:28
  Branch: HEAD                             Handle: 2013091615132700

  Modified files:
    libtpm/libtpm/utils     createkey.c session.c

  Log:
    - WIP.

  Summary:
    Revision    Changes     Path
    1.15        +1  -1      libtpm/libtpm/utils/createkey.c
    1.13        +97 -121    libtpm/libtpm/utils/session.c
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: libtpm/libtpm/utils/createkey.c
  ============================================================================
  $ cvs diff -u -r1.14 -r1.15 createkey.c
  --- libtpm/libtpm/utils/createkey.c   15 Sep 2013 22:22:05 -0000      1.14
  +++ libtpm/libtpm/utils/createkey.c   16 Sep 2013 15:13:27 -0000      1.15
  @@ -158,7 +158,7 @@
   if (hp_str) sscanf(hp_str, "%x", &parhandle);
   if (kt_str) keytype = kt_str[0];
   
  -    TPM_setlog(0);           /* turn off verbose output */
  +    TPM_setlog(rpmIsVerbose() ? 1 : 0);
   
       if (es_str) {
        if (!strcmp(es_str, "pkcsv15"))
  @@ .
  patch -p0 <<'@@ .'
  Index: libtpm/libtpm/utils/session.c
  ============================================================================
  $ cvs diff -u -r1.12 -r1.13 session.c
  --- libtpm/libtpm/utils/session.c     15 Sep 2013 22:45:00 -0000      1.12
  +++ libtpm/libtpm/utils/session.c     16 Sep 2013 15:13:27 -0000      1.13
  @@ -8,6 +8,7 @@
   #include "copyright.h"
   
   #include "system.h"
  +#include <argv.h>
   #include <poptIO.h>
   #define      N_(_s)  _s
   
  @@ -248,49 +249,62 @@
       return ec;
   }
   
  +/* XXX row: keyhandle password */
  +/* XXX test: id pwdtype enonce ssecret */
  +/* XXX close: id */
  +static char *rowpass;
   static char *ownerpass;
   static char *keypass;
   static char *srkpass;
   
   static uint32_t keyhandle = 0;
  -static char *key_str;
  -
  -static char *rowpass;
  -/* XXX keyhandle password */
  -static char *row_str;
  -
   static int action = ACTION_OPEN;
  -static unsigned int id;
  -/* XXX id pwdtype enonce ssecret */
  -static char *test_str;
  -/* XXX id */
  -static char *close_str;
  -
  +static unsigned id;
   static uint32_t ekhandle = 0;
   static char *ekpass;
  +
   static char *ek_str;
   
  -static void usage(void)
  -{
  -    printf
  -     ("Usage: session oiap|osap|dsap|transport|daa [close <id>] [Options]\n"
  -      "\n" "Options are:\n"
  -      "owner <owner password>    : to use owner password\n"
  -      "key <keyhandle>           : to use a key handle\n"
  -      "keypass <password>        : password for the key given with 'key'\n"
  -      "srkpass <password>        : shortcut for specifying the SRK's 
password\n"
  -      "                            it's not necessary to provide 'key'\n"
  -      "row <row, delg. owner pwd>: in connection with DSAP session type 
this\n"
  -      "                            allows to specify a row in the 
delegation\n"
  -      "                            table; also need delegate owner pwd.\n"
  -      "test <id> <owner|...>     : to test a session with a given id\n"
  -      "     <enonce> <ssecret>     that uses an owner or ... password\n"
  -      "-ek                       : handle of encryption key; mandatory when 
using 'transport'.\n"
  -      "-ekp                      : password for encryption key\n" "\n");
  -}
  +static struct poptOption optionsTable[] = {
  + { "ek", '\0', POPT_ARG_STRING|POPT_ARGFLAG_ONEDASH, &ek_str,        0,
  +     N_("Specify encryption key <handle>"),          N_(" <handle>") },
  + { "ekp", '\0', POPT_ARG_STRING|POPT_ARGFLAG_ONEDASH,        &ekpass,        
0,
  +     N_("Specify encryption key <password>"),        N_(" <password>") },
  +
  +  { NULL, (char)-1, POPT_ARG_INCLUDE_TABLE, NULL, 0,
  +     N_("\
  +Usage: session oiap|osap|dsap|transport|daa [close <id>] [Options]\n\
  +\n\
  +Options are:\n\
  +owner <owner password>    : to use owner password\n\
  +key <keyhandle>           : to use a key handle\n\
  +keypass <password>        : password for the key given with 'key'\n\
  +srkpass <password>        : shortcut for specifying the SRK's password\n\
  +                            it's not necessary to provide 'key'\n\
  +row <row, delg. owner pwd>: in connection with DSAP session type this\n\
  +                            allows to specify a row in the delegation\n\
  +                            table; also need delegate owner pwd.\n\
  +test <id> <owner|...>     : to test a session with a given id\n\
  +     <enonce> <ssecret>     that uses an owner or ... password\n\
  +-ek                       : handle of encryption key; mandatory when using 
'transport'.\n\
  +-ekp                      : password for encryption key\n\
  +\n\
  +"), NULL },
  +
  + { NULL, '\0', POPT_ARG_INCLUDE_TABLE, rpmioAllPoptTable, 0,
  +     N_("Common options:"), NULL },
  +
  +  POPT_AUTOALIAS
  +  POPT_AUTOHELP
  +
  +  POPT_TABLEEND
  +};
   
   int main(int argc, char *argv[])
   {
  +    poptContext con = rpmioInit(argc, argv, optionsTable);
  +    ARGV_t av = poptGetArgs(con);
  +    int ac = argvCount(av);
       rpmtpm tpm = rpmtpmNew(argv, 0);
       int ec = -1;     /* assume failure */
   
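Review bot: The new `ekp` entry in `optionsTable`, like the positional `owner`, `keypass`, `srkpass` and `row` words in the embedded help text, takes a TPM authorization password straight from the command line, where it stays readable in the process argument list and in shell history. That is tolerable for a test utility, but nothing in the table or help text says so. I would add a comment above the table, e.g. `/* XXX passwords are taken from argv and are visible in process listings; test use only */`, and consider a prompt or file-based alternative if the tool is used outside a test bench. The body of `main` continues past this hunk.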
  @@ -298,50 +312,44 @@
       unsigned int type = 0;
       char *password = NULL;
       char *pwdtype = NULL;
  -    unsigned char passHash[TPM_HASH_SIZE];
  +
  +    unsigned char passhash1[TPM_HASH_SIZE];
  +
       unsigned int passwd_type = 0;
       session sess;
       unsigned char enonce[TPM_NONCE_SIZE];
       unsigned char ssecret[TPM_HASH_SIZE];
   
  -if (key_str) sscanf(key_str, "%x", &keyhandle);
  -if (row_str) sscanf(row_str, "%x", &keyhandle);
  +    unsigned char ekpasshash[TPM_HASH_SIZE];
  +    unsigned char transpasshash[TPM_HASH_SIZE];
  +    char *transpass = "test";
   
   if (ek_str) sscanf(ek_str, "%x", &ekhandle);
   
  -if (test_str) sscanf(test_str, "%x", &id);
  -if (test_str) action = ACTION_TEST;
  -
  -if (close_str) sscanf(close_str, "%x", &id);
  -if (close_str) action = ACTION_CLOSE;
  +    TPM_setlog(rpmIsVerbose() ? 1 : 0);
   
  -    TPM_setlog(0);
  -
  -    while (i < argc) {
  -     if (!strcmp("owner", argv[i])) {
  +    for (i = 0; i < ac; i++) {
  +     if (!strcmp("owner", av[i])) {
            i++;
  -         if (i >= argc) {
  +         if (i >= ac) {
                printf("Missing owner password!\n");
  -             usage();
                goto exit;
            }
  -         ownerpass = argv[i];
  -     } else if (!strcmp("key", argv[i])) {
  +         ownerpass = (char *) av[i];
  +     } else if (!strcmp("key", av[i])) {
            i++;
  -         if (i >= argc) {
  +         if (i >= ac) {
                printf("Missing key handle!\n");
  -             usage();
                goto exit;
            }
  -         if (sscanf(argv[i], "%x", &keyhandle) != 1) {
  +         if (sscanf(av[i], "%x", &keyhandle) != 1) {
                printf("Could not scan the keyhandle.\n");
                goto exit;
            }
  -     } else if (!strcmp("row", argv[i])) {
  +     } else if (!strcmp("row", av[i])) {
            i++;
  -         if (i >= argc) {
  +         if (i >= ac) {
                printf("Missing row index!\n");
  -             usage();
                goto exit;
            }
            /*
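Review bot: `passhash1`, `ekpasshash` and `transpasshash` are declared without initialisers, and a later hunk shows `passhash1` filled only under `if (password)` while the `default:` case passes it to `TSS_SessionOpen` regardless. If no password word was supplied, that call would read indeterminate stack bytes as authorization data, unless code outside the visible hunks rejects the case first. Zero-initialising is cheap: `unsigned char passhash1[TPM_HASH_SIZE] = {0};`, and likewise for the other two buffers. `transpass` is the fixed string "test", now hoisted to function scope; a comment such as `/* XXX fixed transport-session secret, test use only */` would keep it from being mistaken for a real credential. `main` starts before this hunk and continues past it.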
  @@ -349,122 +357,93 @@
               since it is not used in the TPM_DSAP command
               when using TPM_ET_DEL_ROW.
             */
  -         if (sscanf(argv[i], "%x", &keyhandle) != 1) {
  +         if (sscanf(av[i], "%x", &keyhandle) != 1) {
                printf("Could not scan the keyhandle.\n");
                goto exit;
            }
            i++;
  -         if (i >= argc) {
  +         if (i >= ac) {
                printf("Missing owner password!\n");
  -             usage();
                goto exit;
            }
  -         rowpass = argv[i];
  -     } else if (!strcmp("keypass", argv[i])) {
  +         rowpass = (char *) av[i];
  +     } else if (!strcmp("keypass", av[i])) {
            i++;
  -         if (i >= argc) {
  +         if (i >= ac) {
                printf("Missing key password!\n");
  -             usage();
                goto exit;
            }
  -         keypass = argv[i];
  -     } else if (!strcmp("srkpass", argv[i])) {
  +         keypass = (char *) av[i];
  +     } else if (!strcmp("srkpass", av[i])) {
            i++;
  -         if (i >= argc) {
  +         if (i >= ac) {
                printf("Missing SRK key password!\n");
  -             usage();
                goto exit;
            }
  -         srkpass = argv[i];
  -     } else if (!strcmp("test", argv[i])) {
  +         srkpass = (char *) av[i];
  +     } else if (!strcmp("test", av[i])) {
            i++;
  -         if (i >= argc) {
  +         if (i >= ac) {
                printf("Missing id!\n");
  -             usage();
                goto exit;
            }
  -         if (sscanf(argv[i], "%x", &id) != 1) {
  +         if (sscanf(av[i], "%x", &id) != 1) {
                printf("Could not read session id "
  -                    "from parameter '%s'.\n", argv[i]);
  +                    "from parameter '%s'.\n", av[i]);
                goto exit;
            }
            i++;
  -         if (i >= argc) {
  +         if (i >= ac) {
                printf("Missing password type!\n");
  -             usage();
                goto exit;
            }
  -         pwdtype = argv[i];
  +         pwdtype = (char *) av[i];
            i++;
  -         if (i >= argc) {
  +         if (i >= ac) {
                printf("Missing even nonce!\n");
  -             usage();
                goto exit;
            }
  -         if (parseHash(argv[i], enonce) != 0) {
  +         if (parseHash((char *)av[i], enonce) != 0) {
                printf("Error parsing nonce.\n");
                goto exit;
            }
   
            i++;
  -         if (i >= argc) {
  +         if (i >= ac) {
                printf("Missing session secret!\n");
  -             usage();
                goto exit;
            }
  -         if (parseHash(argv[i], ssecret) != 0) {
  +         if (parseHash((char *)av[i], ssecret) != 0) {
                printf("Error parsing session secret.\n");
                goto exit;
            }
            action = ACTION_TEST;
  -     } else if (!strcmp("osap", argv[i])) {
  +     } else if (!strcmp("osap", av[i])) {
            type = SESSION_OSAP;
  -     } else if (!strcmp("oiap", argv[i])) {
  +     } else if (!strcmp("oiap", av[i])) {
            type = SESSION_OIAP;
  -     } else if (!strcmp("dsap", argv[i])) {
  +     } else if (!strcmp("dsap", av[i])) {
            type = SESSION_DSAP;
  -     } else if (!strcmp("transport", argv[i])) {
  +     } else if (!strcmp("transport", av[i])) {
            type = SESSION_TRAN;
  -     } else if (!strcmp("daa", argv[i])) {
  +     } else if (!strcmp("daa", av[i])) {
            type = SESSION_DAA;
  -     } else if (!strcmp("close", argv[i])) {
  +     } else if (!strcmp("close", av[i])) {
            i++;
  -         if (i >= argc) {
  +         if (i >= ac) {
                printf("Missing session number!\n");
  -             usage();
                goto exit;
            }
  -         if (sscanf(argv[i], "%x", &id) != 1) {
  +         if (sscanf(av[i], "%x", &id) != 1) {
                printf("Could not read session id "
  -                    "from parameter '%s'.\n", argv[i]);
  +                    "from parameter '%s'.\n", av[i]);
                goto exit;
            }
            action = ACTION_CLOSE;
  -     } else if (!strcmp("-ek", argv[i])) {
  -         i++;
  -         if (i >= argc) {
  -             printf("Missing argument for '-ek'.\n");
  -             goto exit;
  -         }
  -         if (sscanf(argv[i], "%x", &ekhandle) != 1) {
  -             printf("Could not read encryption key handle.\n");
  -             goto exit;
  -         }
  -     } else if (!strcmp("-ekp", argv[i])) {
  -         i++;
  -         if (i >= argc) {
  -             printf("Missing argument for '-ekp'.\n");
  -             goto exit;
  -         }
  -         ekpass = argv[i];
  -     } else if (!strcmp("-v", argv[i])) {
  -         TPM_setlog(1);
        } else {
  -         printf("\n%s is not a valid option\n", argv[i]);
  -         usage();
  +         printf("\n%s is not a valid option\n", av[i]);
            goto exit;
        }
  -     i++;
       }
   
       if (ownerpass) {
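Review bot: Removing the `-ek` branch at the end of this loop also removes the only check that the encryption-key handle parsed. The popt path relies on `if (ek_str) sscanf(ek_str, "%x", &ekhandle);` near the top of `main`, whose return value is ignored. A malformed `-ek` value now leaves `ekhandle` at 0 and, going by the SESSION_TRAN hunk, surfaces later as "You must provide '-ek' and '-ekp'." rather than as a parse error. I would restore the check at that line: `if (ek_str && sscanf(ek_str, "%x", &ekhandle) != 1) { printf("Could not read encryption key handle.\n"); goto exit; }`. The loop begins in the previous hunk.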
  @@ -485,7 +464,7 @@
       }
   
       if (password) {
  -     TSS_sha1(password, strlen(password), passHash);
  +     TSS_sha1(password, strlen(password), passhash1);
       }
   
       if (type == 0) {
  @@ -499,7 +478,7 @@
        default:
            ec = rpmtpmErr(tpm, "SessionOpen", 0,
                        TSS_SessionOpen(type, &sess,
  -                               passHash, passwd_type, keyhandle));
  +                               passhash1, passwd_type, keyhandle));
            if (ec) {
                printf("Error %s while opening session.\n", TPM_GetErrMsg(ec));
                goto exit;
  @@ -523,9 +502,6 @@
            break;
        case SESSION_TRAN:
          {
  -         unsigned char ekpasshash[TPM_HASH_SIZE];
  -         unsigned char transPassHash[TPM_HASH_SIZE];
  -         char *transPass = "test";
            if (ekhandle == 0 || ekpass == NULL) {
                printf("You must provide '-ek' and '-ekp'.\n");
                goto exit;
  @@ -533,10 +509,10 @@
   
            TSS_sha1(ekpass, strlen(ekpass), ekpasshash);
   
  -         TSS_sha1(transPass, strlen(transPass), transPassHash);
  +         TSS_sha1(transpass, strlen(transpass), transpasshash);
   
            ec = createTransport(tpm, ekhandle,
  -                               ekpasshash, transPassHash, &sess);
  +                               ekpasshash, transpasshash, &sess);
            if (ec) {
                printf("Error while creating transport: '%s'\n", 
TPM_GetErrMsg(ec));
                goto exit;
  @@ -566,7 +542,7 @@
            }
            ec = rpmtpmErr(tpm, "DAA_Join", 0,
                        TPM_DAA_Join(0,
  -                            passHash,
  +                            passhash1,
                               0,
                               (unsigned char *) &inputData0,
                               inputData0Size, (unsigned char *) &dummy,
  @@ -615,7 +591,7 @@
            }
            sess.type.oiap.handle = id;
            memcpy(sess.type.oiap.enonce, enonce, TPM_NONCE_SIZE);
  -         memcpy(sess.authdata, passHash, TPM_AUTHDATA_SIZE);
  +         memcpy(sess.authdata, passhash1, TPM_AUTHDATA_SIZE);
            if (!strcmp(pwdtype, "owner")) {
                ec = TestOSAPOwner(tpm, &sess);
                if (ec) {
  @@ -683,7 +659,6 @@
                printf("\n");
            } else {
                printf("Error. Unknown password type.\n");
  -             usage();
                goto exit;
            }
            break;
  @@ -722,7 +697,6 @@
                                TSS_Session_GetAuth(&sess), TPM_HASH_SIZE);
            } else {
                printf("Error. Unknown password type.\n");
  -             usage();
                goto exit;
            }
            break;
  @@ -733,8 +707,10 @@
        }
           break;
       }
  +    ec = 0;
   
   exit:
       tpm = rpmtpmFree(tpm);
  +    con = rpmioFini(con);
       return ec;
   }
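Review bot: The unconditional `ec = 0;` after the switch overwrites any non-zero status that a case stored in `ec` before reaching `break`, so the utility would exit successfully after such a failure. The error paths visible in this diff all `goto exit`, which skips the assignment, but most of the switch body is outside the hunks shown, so every `break` path should be checked. A narrower form is to set success only where an action completes, or to guard it with a local flag, e.g. `if (!failed) ec = 0;`. Separately, the password-derived buffers (`passhash1`, `ekpasshash`, `ssecret`) are still populated at `exit:`; scrubbing them before return would be a reasonable hardening step.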
  @@ .
______________________________________________________________________
RPM Package Manager                                    http://rpm5.org
CVS Sources Repository                                rpm-cvs@rpm5.org
