keychain/main.c - chromiumos/platform/tpm - Git at Google

 // Copyright (c) 2009,2010 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "bitstring.h"
 #include "commands.h"
 #include "tpm_keychain.h"
 #include "util.h"

 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 #include <sys/types.h>
 #include <stdint.h>
 #include <getopt.h>
 #include <errno.h>

 #define PROGNAME "tpm-keychain"

 static struct option
 long_options[] = {
     { "add",               required_argument, 0, 'A' },
     { "blob",              no_argument,       0, 'b' },
     { "create",            no_argument,       0, 'C' },
     { "destroy",           no_argument,       0, 'D' },
     { "force",             no_argument,       0, 'f' },
     { "help",              no_argument,       0, 'h' },
     { "key_password",      required_argument, 0, 'k' },
     { "keychain_password", required_argument, 0, 'K' },
     { "list",              no_argument,       0, 'l' },
     { "new_password",      required_argument, 0, 'n' },
     { "owner_password",    required_argument, 0, 'o' },
     { "pcr",               required_argument, 0, 'p' },
     { "remove",            no_argument,       0, 'R' },
     { "remove_password",   no_argument,       0, 'r' },
     { "resetlock",         no_argument,       0, 'z' },
     { "server",            required_argument, 0, 'S' },
     { "ssh",               no_argument,       0, 'i' },
     { "srk_password",      required_argument, 0, 's' },
     { "uuid",              required_argument, 0, 'u' },
     { "v1.1",              no_argument,       0, '1' },
     { "v1.2",              no_argument,       0, '2' },
     { "verbose",           no_argument,       0, 'v' },
     { NULL, 0, 0, 0 },
 };

 static const char* options = "12A:bCDfhiK:k:ln:o:p:RrS:s:u:vz";

 static void
 help_brief(void)
 {
     TKC_stderr("Try %s --help for more information.\n", PROGNAME);
 }

 static void
 help_long(void)
 {
     const char* help_message =
 #include "help/help.h"
     ;
     TKC_stderr("%s", help_message);
 }

 int
 main(int argc, char** argv)
 {
     tkc_context_t* t = NULL;
     int c, option_index = 0, verbose = 0, ret = 0;
     uint64_t cmdmap = 0ULL;
     char* target_uuid = NULL;
     char* tss_server = NULL;
     tkc_pcrs_selected_t pcrs_selected;
     uint32_t open_flags = 0;
     uint32_t key_type = 0;
     uint32_t tss_version = TSS_TSPATTRIB_CONTEXT_VERSION_V1_1;

     char* owner_password = NULL;
     char* srk_password = NULL;
     char* keychain_password = NULL;
     char* key_password = NULL;
     char* new_password = NULL;

     if (argc <= 1) {
         help_brief();
         exit(1);
     }

     memset(&pcrs_selected, 0, sizeof(pcrs_selected));

     while ((c = getopt_long(argc, argv, options, long_options, &option_index))
            != -1) {
         switch (c) {
             case '1':
                 tss_version = TSS_TSPATTRIB_CONTEXT_VERSION_V1_1;
                 break;
             case '2':
                 tss_version = TSS_TSPATTRIB_CONTEXT_VERSION_V1_2;
                 break;
             case 'A':
                 key_type = parse_key_type(optarg);
                 if (key_type == TKC_KEY_TYPE_NONE) {
                     TKC_stderr("Invalid key type %s.\n", optarg);
                     exit(1);
                 }
                 cmdmap |= CMD_BITMAP(CMDBIT_ADD);
                 break;
             case 'b':
                 cmdmap |= CMD_BITMAP(CMDBIT_DUMPBLOB);
                 break;
             case 'C':
                 open_flags |= TKC_FLAG_CREATE;
                 cmdmap |= CMD_BITMAP(CMDBIT_CREATE);
                 break;
             case 'D':
                 open_flags |= TKC_FLAG_DESTROY;
                 cmdmap |= CMD_BITMAP(CMDBIT_DESTROY);
                 break;
             case 'f':
                 open_flags |= TKC_FLAG_FORCE;
                 break;
             case 'h':
                 help_long();
                 exit(0);
             case 'k':
                 key_password = optarg;
                 break;
             case 'K':
                 keychain_password = optarg;
                 break;
             case 'i':
                 cmdmap |= CMD_BITMAP(CMDBIT_SSH);
                 break;
             case 'l':
                 cmdmap |= CMD_BITMAP(CMDBIT_LIST);
                 break;
             case 'n':
                 new_password = optarg;
                 cmdmap |= CMD_BITMAP(CMDBIT_CHANGEAUTH);
                 cmdmap |= CMD_BITMAP(CMDBIT_NEWPASSWORD);
                 break;
             case 'o':
                 owner_password = optarg;
                 break;
             case 'p': {
                 errno = 0;
                 char* end;
                 uint64_t pcr = strtoull(optarg, &end, 0);
                 if (errno || (end != optarg + strlen(optarg)) ||
                     (pcr >= TKC_MAX_PCRS)) {
                     TKC_stderr("Invalid PCR index %s.\n", optarg);
                     exit(1);
                 }
                 bit_set(pcrs_selected.bitmap, pcr);
                 if ((uint32_t)pcr > pcrs_selected.highest) {
                     pcrs_selected.highest = (uint32_t)pcr;
                 }
                 pcrs_selected.count++;
                 break;
             }
             case 'R':
                 cmdmap |= CMD_BITMAP(CMDBIT_REMOVE);
                 break;
             case 'r':
                 cmdmap |= CMD_BITMAP(CMDBIT_REMOVEAUTH);
                 break;
             case 'S':
                 tss_server = optarg;
                 break;
             case 's':
                 srk_password = optarg;
                 break;
             case 'u':
                 target_uuid = optarg;
                 cmdmap |= CMD_BITMAP(CMDBIT_UUID);
                 break;
             case 'v':
                 verbose = 1;
                 break;
             case 'z':
                 open_flags |= (TKC_FLAG_NOKEYS | TKC_FLAG_NEEDOWNER);
                 cmdmap |= CMD_BITMAP(CMDBIT_RESETLOCK);
                 break;
             default:
                 help_brief();
                 exit(1);
         }
     }

     if (optind != argc) {
         help_brief();
         exit(1);
     }

     switch (cmdmap) {
         case CMD_ADD:
         case CMD_ADD_UUID:
         case CMD_CHANGEAUTH_UUID:
         case CMD_CREATE:
         case CMD_DESTROY:
         case CMD_DUMPBLOB_UUID:
         case CMD_LIST:
         case CMD_LIST_UUID:
         case CMD_REMOVE_UUID:
         case CMD_REMOVEAUTH_UUID:
         case CMD_RESETLOCK:
         case CMD_SSH_UUID:
             break;
         default:
             help_brief();
             exit(1);
     }

     t = tkc_open_context(tss_server,
                          owner_password, srk_password, keychain_password,
                          open_flags, tss_version);
     if (t == NULL) {
         exit(1);
     }

     switch (cmdmap) {
         case CMD_ADD:
         case CMD_ADD_UUID:
             ret = tkc_add_uuid(t, target_uuid, key_type,
                                (pcrs_selected.count == 0) ?
                                    NULL : &pcrs_selected,
                                key_password, tss_version);
             break;
         case CMD_CHANGEAUTH_UUID:
             ret = tkc_change_password_uuid(t, target_uuid,
                                            key_password, new_password);
             break;
         case CMD_CREATE:
             ret = 0;
             break;
         case CMD_DESTROY:
             ret = tkc_destroy(t);
             break;
         case CMD_DUMPBLOB_UUID:
             ret = tkc_dump_uuid(t, target_uuid);
             break;
         case CMD_LIST:
         case CMD_LIST_UUID:
             ret = tkc_list_uuid(t, target_uuid, verbose);
             break;
         case CMD_REMOVE_UUID:
             ret = tkc_remove_uuid(t, target_uuid);
             break;
         case CMD_REMOVEAUTH_UUID:
             ret = tkc_change_password_uuid(t, target_uuid, key_password, NULL);
             break;
         case CMD_RESETLOCK:
             ret = tkc_resetlock(t);
             break;
         case CMD_SSH_UUID:
             ret = tkc_ssh_uuid(t, target_uuid);
             break;
     }

     tkc_close_context(&t);

     exit(ret);
 }
	// Copyright (c) 2009,2010 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "bitstring.h"
	#include "commands.h"
	#include "tpm_keychain.h"
	#include "util.h"

	#include <stdio.h>
	#include <stdlib.h>
	#include <string.h>
	#include <unistd.h>
	#include <sys/types.h>
	#include <stdint.h>
	#include <getopt.h>
	#include <errno.h>

	#define PROGNAME "tpm-keychain"

	static struct option
	long_options[] = {
	{ "add", required_argument, 0, 'A' },
	{ "blob", no_argument, 0, 'b' },
	{ "create", no_argument, 0, 'C' },
	{ "destroy", no_argument, 0, 'D' },
	{ "force", no_argument, 0, 'f' },
	{ "help", no_argument, 0, 'h' },
	{ "key_password", required_argument, 0, 'k' },
	{ "keychain_password", required_argument, 0, 'K' },
	{ "list", no_argument, 0, 'l' },
	{ "new_password", required_argument, 0, 'n' },
	{ "owner_password", required_argument, 0, 'o' },
	{ "pcr", required_argument, 0, 'p' },
	{ "remove", no_argument, 0, 'R' },
	{ "remove_password", no_argument, 0, 'r' },
	{ "resetlock", no_argument, 0, 'z' },
	{ "server", required_argument, 0, 'S' },
	{ "ssh", no_argument, 0, 'i' },
	{ "srk_password", required_argument, 0, 's' },
	{ "uuid", required_argument, 0, 'u' },
	{ "v1.1", no_argument, 0, '1' },
	{ "v1.2", no_argument, 0, '2' },
	{ "verbose", no_argument, 0, 'v' },
	{ NULL, 0, 0, 0 },
	};

	static const char* options = "12A:bCDfhiK:k:ln:o:p:RrS:s:u:vz";

	static void
	help_brief(void)
	{
	TKC_stderr("Try %s --help for more information.\n", PROGNAME);
	}

	static void
	help_long(void)
	{
	const char* help_message =
	#include "help/help.h"
	;
	TKC_stderr("%s", help_message);
	}

	int
	main(int argc, char** argv)
	{
	tkc_context_t* t = NULL;
	int c, option_index = 0, verbose = 0, ret = 0;
	uint64_t cmdmap = 0ULL;
	char* target_uuid = NULL;
	char* tss_server = NULL;
	tkc_pcrs_selected_t pcrs_selected;
	uint32_t open_flags = 0;
	uint32_t key_type = 0;
	uint32_t tss_version = TSS_TSPATTRIB_CONTEXT_VERSION_V1_1;

	char* owner_password = NULL;
	char* srk_password = NULL;
	char* keychain_password = NULL;
	char* key_password = NULL;
	char* new_password = NULL;

	if (argc <= 1) {
	help_brief();
	exit(1);
	}

	memset(&pcrs_selected, 0, sizeof(pcrs_selected));

	while ((c = getopt_long(argc, argv, options, long_options, &option_index))
	!= -1) {
	switch (c) {
	case '1':
	tss_version = TSS_TSPATTRIB_CONTEXT_VERSION_V1_1;
	break;
	case '2':
	tss_version = TSS_TSPATTRIB_CONTEXT_VERSION_V1_2;
	break;
	case 'A':
	key_type = parse_key_type(optarg);
	if (key_type == TKC_KEY_TYPE_NONE) {
	TKC_stderr("Invalid key type %s.\n", optarg);
	exit(1);
	}
	cmdmap \|= CMD_BITMAP(CMDBIT_ADD);
	break;
	case 'b':
	cmdmap \|= CMD_BITMAP(CMDBIT_DUMPBLOB);
	break;
	case 'C':
	open_flags \|= TKC_FLAG_CREATE;
	cmdmap \|= CMD_BITMAP(CMDBIT_CREATE);
	break;
	case 'D':
	open_flags \|= TKC_FLAG_DESTROY;
	cmdmap \|= CMD_BITMAP(CMDBIT_DESTROY);
	break;
	case 'f':
	open_flags \|= TKC_FLAG_FORCE;
	break;
	case 'h':
	help_long();
	exit(0);
	case 'k':
	key_password = optarg;
	break;
	case 'K':
	keychain_password = optarg;
	break;
	case 'i':
	cmdmap \|= CMD_BITMAP(CMDBIT_SSH);
	break;
	case 'l':
	cmdmap \|= CMD_BITMAP(CMDBIT_LIST);
	break;
	case 'n':
	new_password = optarg;
	cmdmap \|= CMD_BITMAP(CMDBIT_CHANGEAUTH);
	cmdmap \|= CMD_BITMAP(CMDBIT_NEWPASSWORD);
	break;
	case 'o':
	owner_password = optarg;
	break;
	case 'p': {
	errno = 0;
	char* end;
	uint64_t pcr = strtoull(optarg, &end, 0);
	if (errno \|\| (end != optarg + strlen(optarg)) \|\|
	(pcr >= TKC_MAX_PCRS)) {
	TKC_stderr("Invalid PCR index %s.\n", optarg);
	exit(1);
	}
	bit_set(pcrs_selected.bitmap, pcr);
	if ((uint32_t)pcr > pcrs_selected.highest) {
	pcrs_selected.highest = (uint32_t)pcr;
	}
	pcrs_selected.count++;
	break;
	}
	case 'R':
	cmdmap \|= CMD_BITMAP(CMDBIT_REMOVE);
	break;
	case 'r':
	cmdmap \|= CMD_BITMAP(CMDBIT_REMOVEAUTH);
	break;
	case 'S':
	tss_server = optarg;
	break;
	case 's':
	srk_password = optarg;
	break;
	case 'u':
	target_uuid = optarg;
	cmdmap \|= CMD_BITMAP(CMDBIT_UUID);
	break;
	case 'v':
	verbose = 1;
	break;
	case 'z':
	open_flags \|= (TKC_FLAG_NOKEYS \| TKC_FLAG_NEEDOWNER);
	cmdmap \|= CMD_BITMAP(CMDBIT_RESETLOCK);
	break;
	default:
	help_brief();
	exit(1);
	}
	}

	if (optind != argc) {
	help_brief();
	exit(1);
	}

	switch (cmdmap) {
	case CMD_ADD:
	case CMD_ADD_UUID:
	case CMD_CHANGEAUTH_UUID:
	case CMD_CREATE:
	case CMD_DESTROY:
	case CMD_DUMPBLOB_UUID:
	case CMD_LIST:
	case CMD_LIST_UUID:
	case CMD_REMOVE_UUID:
	case CMD_REMOVEAUTH_UUID:
	case CMD_RESETLOCK:
	case CMD_SSH_UUID:
	break;
	default:
	help_brief();
	exit(1);
	}

	t = tkc_open_context(tss_server,
	owner_password, srk_password, keychain_password,
	open_flags, tss_version);
	if (t == NULL) {
	exit(1);
	}

	switch (cmdmap) {
	case CMD_ADD:
	case CMD_ADD_UUID:
	ret = tkc_add_uuid(t, target_uuid, key_type,
	(pcrs_selected.count == 0) ?
	NULL : &pcrs_selected,
	key_password, tss_version);
	break;
	case CMD_CHANGEAUTH_UUID:
	ret = tkc_change_password_uuid(t, target_uuid,
	key_password, new_password);
	break;
	case CMD_CREATE:
	ret = 0;
	break;
	case CMD_DESTROY:
	ret = tkc_destroy(t);
	break;
	case CMD_DUMPBLOB_UUID:
	ret = tkc_dump_uuid(t, target_uuid);
	break;
	case CMD_LIST:
	case CMD_LIST_UUID:
	ret = tkc_list_uuid(t, target_uuid, verbose);
	break;
	case CMD_REMOVE_UUID:
	ret = tkc_remove_uuid(t, target_uuid);
	break;
	case CMD_REMOVEAUTH_UUID:
	ret = tkc_change_password_uuid(t, target_uuid, key_password, NULL);
	break;
	case CMD_RESETLOCK:
	ret = tkc_resetlock(t);
	break;
	case CMD_SSH_UUID:
	ret = tkc_ssh_uuid(t, target_uuid);
	break;
	}

	tkc_close_context(&t);

	exit(ret);
	}