From a0eb11e7b310caee0035dabfd917f9cddfc4818a Mon Sep 17 00:00:00 2001
From: Kiran Kamineni
Date: Thu, 30 Aug 2018 15:41:16 -0700
Subject: Add option to provide password to import tool
Add -password command line argument to take the primary key password to import keys.
Issue-ID: AAF-464
Change-Id: I68b87139405427d065883ffe714e1072d3e987df
Signed-off-by: Kiran Kamineni
---
 tpm-util/import/main.c | 55 +++++++++++++++++++++++++++++++------------------------------
 1 file changed, 31 insertions(+), 24 deletions(-)
diff --git a/tpm-util/import/main.c b/tpm-util/import/main.c
index c498f6c..8f66fd6 100644
--- a/tpm-util/import/main.c
+++ b/tpm-util/import/main.c
@@ -19,17 +19,14 @@
 //
 #include
-#include
+#include
 #include
-#include
+#include
 #include
-#include "tpm_wrapper.h"
-#include "util.h"
-
-char* tpm_pwd = "";
-int tpm_pwd_len = 0;
+#include "tpm_wrapper.h"
+#include "util.h"
 void PrintHelp();
 char version[] = "0.1";
@@ -37,10 +34,11 @@ char version[] = "0.1";
 void PrintHelp()
 {
 printf(
- "OSSL key to tpm import tool, Version %s\nUsage:"
- "./ossl_tpm_import "
- "[-dupPub out_dupPubFile] [-dupPriv out_dupPrivFile] [-dupSymSeed out_dupSymSeedFile] [-dupEncKey out_dupEncKeyFile]"
- "[-pub out_keyPub] [-priv out_KeyPriv]\n"
+ "OSSL key to tpm import tool, Version %s\nUsage:"
+ "./ossl_tpm_import "
+ "[-dupPub out_dupPubFile] [-dupPriv out_dupPrivFile] [-dupSymSeed out_dupSymSeedFile] "
+ "[-dupEncKey out_dupEncKeyFile] [-password keyPassword] "
+ "[-pub out_keyPub] [-priv out_KeyPriv] [-H primaryKeyHandle]\n"
 "\n"
 , version);
 }
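Review bot: The usage string in PrintHelp() brackets every option as optional, but the check under `// For TPM Import functionality, check all input params are present` returns -1 unless -dupPub, -dupPriv, -dupSymSeed, -dupEncKey, -pub and -priv are all given, so only `-password` (and presumably `-H`, whose parsing is not in this diff) can really be omitted. I would drop the brackets from the six required options and add a help line such as `"  -password  primary key password (default: empty)\n"`, since `char keyPassword[256] = {0}` means an omitted option sends a zero-length password. The adjacent literals `"Usage:"` and `"./ossl_tpm_import "` also concatenate without a space, so the output reads `Usage:./ossl_tpm_import`.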
@@ -61,10 +59,11 @@ int main(int argc, char* argv[])
 int dupSymSeed_flag = 0;
 char dupEncKey_Filename[256];
 int dupEncKey_flag = 0;
- TPM2B_DATA encryptionKey;
- TPM2B_PUBLIC swKeyPublic;
- TPM2B_PRIVATE swKeyPrivate;
- TPM2B_ENCRYPTED_SECRET encSymSeed;
+ char keyPassword[256] = {0};
+ TPM2B_DATA encryptionKey;
+ TPM2B_PUBLIC swKeyPublic;
+ TPM2B_PRIVATE swKeyPrivate;
+ TPM2B_ENCRYPTED_SECRET encSymSeed;
 // SW Key Import O/P variables
 char pub_Filename[256];
@@ -128,6 +127,15 @@ int main(int argc, char* argv[])
 }
 dupEncKey_flag = 1;
 }
+ else if( 0 == strcmp( argv[count], "-password" ) ) {
+ count++;
+ // Read no more than a fixed length of characters
+ if ( (1 != sscanf(argv[count], "%255s", keyPassword )) )
+ {
+ PrintHelp();
+ return 1;
+ }
+ }
 else if( 0 == strcmp( argv[count], "-pub" ) ) {
 count++;
 if( (1 != sscanf( argv[count], "%s", pub_Filename )) )
@@ -170,11 +178,11 @@ int main(int argc, char* argv[])
 // For TPM Import functionality, check all input params are present
 if( (!dupPub_flag) ||
- (!dupPriv_flag) ||
- (!dupSymSeed_flag) ||
- (!dupEncKey_flag) ||
- (!pub_flag) ||
- (!priv_flag)
+ (!dupPriv_flag) ||
+ (!dupSymSeed_flag) ||
+ (!dupEncKey_flag) ||
+ (!pub_flag) ||
+ (!priv_flag)
 ) {
 printf("Error: One or more Inputs for TPM import functionality is missing ! \n");
 return -1;
@@ -215,9 +223,9 @@ int main(int argc, char* argv[])
 TPM2B_PRIVATE importPrivate;
 INIT_SIMPLE_TPM2B_SIZE(importPrivate);
- rval = swKeyTpmImport(sysContext, primaryKeyHandle,
- &encryptionKey, &swKeyPublic, &swKeyPrivate, &encSymSeed,
- tpm_pwd, tpm_pwd_len,
+ rval = swKeyTpmImport(sysContext, primaryKeyHandle,
+ &encryptionKey, &swKeyPublic, &swKeyPrivate, &encSymSeed,
+ keyPassword, strlen(keyPassword),
 &importPrivate);
 if(rval != 0) {
 printf("\nswKeyTpmImport failed: 0x%x ! \n", rval);
@@ -241,4 +249,3 @@ end:
 return rval;
 }
-
--
cgit 1.2.3-korg
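Review bot: The new `-password` branch reads `argv[count]` right after `count++` without checking `count < argc`, so `-password` given as the last argument hands a NULL pointer to sscanf() unless the loop outside this hunk already rules that out. `%255s` also stops at the first whitespace and silently cuts anything past 255 characters, so the import would run with a different secret than the one supplied; rejecting is safer than truncating: `if (count >= argc || strlen(argv[count]) >= sizeof(keyPassword)) { PrintHelp(); return 1; }` followed by `snprintf(keyPassword, sizeof(keyPassword), "%s", argv[count]);`. The `-pub` branch in the context lines has the same unchecked index plus an unbounded `%s` into the 256-byte `pub_Filename`, and deserves the same treatment.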
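Review bot: `keyPassword` now carries the primary key password from the command line into swKeyTpmImport(), and nothing in the visible hunks clears the buffer afterwards. A value passed in argv is readable by other local users through the process list and tends to end up in shell history, so I would say so in the help text and consider accepting the password from a file or an interactive prompt instead. At minimum wipe the buffer before main() returns, e.g. `explicit_bzero(keyPassword, sizeof(keyPassword));` ahead of `return rval;` at `end:` (where the libc provides it), keeping in mind that the early `return 1` and `return -1` paths bypass that label. main() starts and ends outside this hunk.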