Diffstat (limited to 'import-layers/meta-security/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch')
-rw-r--r-- | import-layers/meta-security/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch | 99 |
1 files changed, 0 insertions, 99 deletions
diff --git a/import-layers/meta-security/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch b/import-layers/meta-security/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch
deleted file mode 100644
index 67071b605..000000000
--- a/import-layers/meta-security/meta-tpm/recipes-tpm/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-commit 16dac0cb7b73b8a7088300e45b98ac20819b03ed
-Author: Junxian.Xiao <Junxian.Xiao@windriver.com>
-Date: Wed Jun 19 18:57:13 2013 +0800
-
-support well-known password in openssl-tpm-engine.
-
-Add "-z" option to select well known password in create_tpm_key tool.
-
-Signed-off-by: Junxian.Xiao <Junxian.Xiao@windriver.com>
-
-diff --git a/create_tpm_key.c b/create_tpm_key.c
-index fee917f..7b94d62 100644
---- a/create_tpm_key.c
-+++ b/create_tpm_key.c
-@@ -46,6 +46,8 @@
- #include <trousers/tss.h>
- #include <trousers/trousers.h>
-
-+#define TPM_WELL_KNOWN_KEY_LEN 20 /*well know key length is 20 bytes zero*/
-+
- #define print_error(a,b) \
- fprintf(stderr, "%s:%d %s result: 0x%x (%s)\n", __FILE__, __LINE__, \
- a, b, Trspi_Error_String(b))
-@@ -70,6 +72,7 @@ usage(char *argv0)
- "\t\t-e|--enc-scheme encryption scheme to use [PKCSV15] or OAEP\n"
- "\t\t-q|--sig-scheme signature scheme to use [DER] or SHA1\n"
- "\t\t-s|--key-size key size in bits [2048]\n"
-+ "\t\t-z|--zerokey use well known 20 bytes zero as SRK password.\n"
- "\t\t-a|--auth require a password for the key [NO]\n"
- "\t\t-p|--popup use TSS GUI popup dialogs to get the password "
- "for the\n\t\t\t\t key [NO] (implies --auth)\n"
-@@ -147,6 +150,7 @@ int main(int argc, char **argv)
- int asn1_len;
- char *filename, c, *openssl_key = NULL;
- int option_index, auth = 0, popup = 0, wrap = 0;
-+ int wellknownkey = 0;
- UINT32 enc_scheme = TSS_ES_RSAESPKCSV15;
- UINT32 sig_scheme = TSS_SS_RSASSAPKCS1V15_DER;
- UINT32 key_size = 2048;
-@@ -154,12 +158,15 @@ int main(int argc, char **argv)
-
- while (1) {
- option_index = 0;
-- c = getopt_long(argc, argv, "pe:q:s:ahw:",
-+ c = getopt_long(argc, argv, "pe:q:s:zahw:",
- long_options, &option_index);
- if (c == -1)
- break;
-
- switch (c) {
-+ case 'z':
-+ wellknownkey = 1;
-+ break;
- case 'a':
- initFlags |= TSS_KEY_AUTHORIZATION;
- auth = 1;
-@@ -293,6 +300,8 @@ int main(int argc, char **argv)
-
- if (srk_authusage) {
- char *authdata = calloc(1, 128);
-+ TSS_FLAG secretMode = TSS_SECRET_MODE_PLAIN;
-+ int authlen = 0;
-
- if (!authdata) {
- fprintf(stderr, "malloc failed.\n");
-@@ -309,17 +318,26 @@ int main(int argc, char **argv)
- exit(result);
- }
-
-- if (EVP_read_pw_string(authdata, 128, "SRK Password: ", 0)) {
-- Tspi_Context_CloseObject(hContext, hKey);
-- Tspi_Context_Close(hContext);
-- free(authdata);
-- exit(result);
-+ if (wellknownkey) {
-+ memset(authdata, 0, TPM_WELL_KNOWN_KEY_LEN);
-+ secretMode = TSS_SECRET_MODE_SHA1;
-+ authlen = TPM_WELL_KNOWN_KEY_LEN;
-+ }
-+ else {
-+ if (EVP_read_pw_string(authdata, 128, "SRK Password: ", 0)) {
-+ Tspi_Context_CloseObject(hContext, hKey);
-+ Tspi_Context_Close(hContext);
-+ free(authdata);
-+ exit(result);
-+ }
-+ secretMode = TSS_SECRET_MODE_PLAIN;
-+ authlen = strlen(authdata);
- }
-
- //Set Secret
- if ((result = Tspi_Policy_SetSecret(srkUsagePolicy,
-- TSS_SECRET_MODE_PLAIN,
-- strlen(authdata),
-+ secretMode,
-+ authlen,
- (BYTE *)authdata))) {
- print_error("Tspi_Policy_SetSecret", result);
- free(authdata); |