// Copyright (c) 2009,2010 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
4
5#include "bitstring.h"
6#include "commands.h"
7#include "tpm_keychain.h"
8#include "util.h"
9
10#include <stdio.h>
11#include <stdlib.h>
12#include <string.h>
13#include <unistd.h>
14#include <sys/types.h>
15#include <stdint.h>
16#include <getopt.h>
17#include <errno.h>
18
19#define PROGNAME "tpm-keychain"
20
/*
 * Long option table for getopt_long().  Each entry's val is the matching
 * short option character, so both spellings land in the same switch case in
 * main(); every entry with has_arg == required_argument has a ':' after that
 * character in the short option string below.  The table is NULL-terminated.
 */
static struct option long_options[] = {
    { .name = "add",               .has_arg = required_argument, .flag = NULL, .val = 'A' },
    { .name = "blob",              .has_arg = no_argument,       .flag = NULL, .val = 'b' },
    { .name = "create",            .has_arg = no_argument,       .flag = NULL, .val = 'C' },
    { .name = "destroy",           .has_arg = no_argument,       .flag = NULL, .val = 'D' },
    { .name = "force",             .has_arg = no_argument,       .flag = NULL, .val = 'f' },
    { .name = "help",              .has_arg = no_argument,       .flag = NULL, .val = 'h' },
    { .name = "key_password",      .has_arg = required_argument, .flag = NULL, .val = 'k' },
    { .name = "keychain_password", .has_arg = required_argument, .flag = NULL, .val = 'K' },
    { .name = "list",              .has_arg = no_argument,       .flag = NULL, .val = 'l' },
    { .name = "new_password",      .has_arg = required_argument, .flag = NULL, .val = 'n' },
    { .name = "owner_password",    .has_arg = required_argument, .flag = NULL, .val = 'o' },
    { .name = "pcr",               .has_arg = required_argument, .flag = NULL, .val = 'p' },
    { .name = "remove",            .has_arg = no_argument,       .flag = NULL, .val = 'R' },
    { .name = "remove_password",   .has_arg = no_argument,       .flag = NULL, .val = 'r' },
    { .name = "resetlock",         .has_arg = no_argument,       .flag = NULL, .val = 'z' },
    { .name = "server",            .has_arg = required_argument, .flag = NULL, .val = 'S' },
    { .name = "ssh",               .has_arg = no_argument,       .flag = NULL, .val = 'i' },
    { .name = "srk_password",      .has_arg = required_argument, .flag = NULL, .val = 's' },
    { .name = "uuid",              .has_arg = required_argument, .flag = NULL, .val = 'u' },
    { .name = "v1.1",              .has_arg = no_argument,       .flag = NULL, .val = '1' },
    { .name = "v1.2",              .has_arg = no_argument,       .flag = NULL, .val = '2' },
    { .name = "verbose",           .has_arg = no_argument,       .flag = NULL, .val = 'v' },
    { .name = NULL,                .has_arg = 0,                 .flag = NULL, .val = 0 },
};

/* Short option string for getopt_long(); "x:" marks an option that takes a value. */
static const char* options = "12A:bCDfhiK:k:ln:o:p:RrS:s:u:vz";
49
/* Point the user at --help after a usage error; the caller picks the exit status. */
static void help_brief(void)
{
    TKC_stderr("Try %s --help for more information.\n", PROGNAME);
}
55
/*
 * Print the full usage text.  The text is a string literal kept in
 * help/help.h; the #include has to sit inside the initializer so the literal
 * is spliced in as the value of the local.
 */
static void help_long(void)
{
    const char* usage_text =
#include "help/help.h"
    ;
    TKC_stderr("%s", usage_text);
}
64
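/*
 * Everything parsed from argv, in the form the tkc_* calls consume.
 *
 * The char* members point straight into argv (they are optarg), so nothing
 * here is allocated or freed.  NOTE: the password values therefore also live
 * in the process's command line, which other local users can read through
 * the process list for as long as the process runs; nothing in this file can
 * hide them once they have been passed that way.
 */
struct cli_args {
    uint64_t cmdmap;               /* CMD_BITMAP() bits of the requested command */
    uint32_t open_flags;           /* TKC_FLAG_* passed to tkc_open_context() */
    uint32_t key_type;             /* result of parse_key_type(), set by --add */
    uint32_t tss_version;          /* TSS_TSPATTRIB_CONTEXT_VERSION_V1_1 or _V1_2 */
    int verbose;                   /* --verbose, forwarded to tkc_list_uuid() */
    char* target_uuid;             /* --uuid */
    char* tss_server;              /* --server, may stay NULL */
    char* owner_password;          /* --owner_password */
    char* srk_password;            /* --srk_password */
    char* keychain_password;       /* --keychain_password */
    char* key_password;            /* --key_password */
    char* new_password;            /* --new_password */
    tkc_pcrs_selected_t pcrs_selected; /* accumulated --pcr selections */
};

/*
 * Record one --pcr argument in *sel.
 *
 * Returns 0 on success and -1 when text is not a PCR index in
 * [0, TKC_MAX_PCRS).  Beyond what a bare strtoull() check gives, this rejects
 * an empty string or one with no digits (strtoull returns 0 with end == text,
 * which would otherwise silently select PCR 0), leading whitespace and a
 * leading '-' (strtoull negates instead of failing).  Selecting an index that
 * is already in the bitmap is a no-op, so count always equals the number of
 * bits set and highest is the largest of them.
 */
static int
select_pcr(const char* text, tkc_pcrs_selected_t* sel)
{
    char* end = NULL;

    /* strtoull() would skip whitespace and accept a sign; require a digit
     * (or an explicit '+', which the original parser accepted) up front. */
    if (text[0] != '+' && (text[0] < '0' || text[0] > '9')) {
        return -1;
    }
    errno = 0;
    uint64_t pcr = strtoull(text, &end, 0);
    if (errno != 0 || end == text || *end != '\0' || pcr >= TKC_MAX_PCRS) {
        return -1;
    }
    if (!bit_test(sel->bitmap, pcr)) {
        bit_set(sel->bitmap, pcr);
        sel->count++;
        if ((uint32_t)pcr > sel->highest) {
            sel->highest = (uint32_t)pcr;
        }
    }
    return 0;
}

/*
 * Parse argv into *args.
 *
 * Exits the process on any usage error after printing the brief help (exit
 * status 1), and on --help after printing the long help (exit status 0).  On
 * return every option has been consumed, no stray arguments remain, and
 * args->cmdmap is one of the supported command combinations.
 */
static void
parse_args(int argc, char** argv, struct cli_args* args)
{
    int c;
    int option_index = 0;

    while ((c = getopt_long(argc, argv, options, long_options, &option_index))
           != -1) {
        switch (c) {
        case '1':
            args->tss_version = TSS_TSPATTRIB_CONTEXT_VERSION_V1_1;
            break;
        case '2':
            args->tss_version = TSS_TSPATTRIB_CONTEXT_VERSION_V1_2;
            break;
        case 'A':
            args->key_type = parse_key_type(optarg);
            if (args->key_type == TKC_KEY_TYPE_NONE) {
                TKC_stderr("Invalid key type %s.\n", optarg);
                exit(1);
            }
            args->cmdmap |= CMD_BITMAP(CMDBIT_ADD);
            break;
        case 'b':
            args->cmdmap |= CMD_BITMAP(CMDBIT_DUMPBLOB);
            break;
        case 'C':
            args->open_flags |= TKC_FLAG_CREATE;
            args->cmdmap |= CMD_BITMAP(CMDBIT_CREATE);
            break;
        case 'D':
            args->open_flags |= TKC_FLAG_DESTROY;
            args->cmdmap |= CMD_BITMAP(CMDBIT_DESTROY);
            break;
        case 'f':
            args->open_flags |= TKC_FLAG_FORCE;
            break;
        case 'h':
            help_long();
            exit(0);
        case 'k':
            args->key_password = optarg;
            break;
        case 'K':
            args->keychain_password = optarg;
            break;
        case 'i':
            args->cmdmap |= CMD_BITMAP(CMDBIT_SSH);
            break;
        case 'l':
            args->cmdmap |= CMD_BITMAP(CMDBIT_LIST);
            break;
        case 'n':
            /* A new password implies a change-auth command. */
            args->new_password = optarg;
            args->cmdmap |= CMD_BITMAP(CMDBIT_CHANGEAUTH);
            args->cmdmap |= CMD_BITMAP(CMDBIT_NEWPASSWORD);
            break;
        case 'o':
            args->owner_password = optarg;
            break;
        case 'p':
            if (select_pcr(optarg, &args->pcrs_selected) != 0) {
                TKC_stderr("Invalid PCR index %s.\n", optarg);
                exit(1);
            }
            break;
        case 'R':
            args->cmdmap |= CMD_BITMAP(CMDBIT_REMOVE);
            break;
        case 'r':
            args->cmdmap |= CMD_BITMAP(CMDBIT_REMOVEAUTH);
            break;
        case 'S':
            args->tss_server = optarg;
            break;
        case 's':
            args->srk_password = optarg;
            break;
        case 'u':
            args->target_uuid = optarg;
            args->cmdmap |= CMD_BITMAP(CMDBIT_UUID);
            break;
        case 'v':
            args->verbose = 1;
            break;
        case 'z':
            args->open_flags |= (TKC_FLAG_NOKEYS | TKC_FLAG_NEEDOWNER);
            args->cmdmap |= CMD_BITMAP(CMDBIT_RESETLOCK);
            break;
        default:
            help_brief();
            exit(1);
        }
    }

    /* This tool takes no positional arguments. */
    if (optind != argc) {
        help_brief();
        exit(1);
    }

    /* Only these option combinations name a command; anything else is a
     * usage error, so run_command() never sees an unknown cmdmap. */
    switch (args->cmdmap) {
    case CMD_ADD:
    case CMD_ADD_UUID:
    case CMD_CHANGEAUTH_UUID:
    case CMD_CREATE:
    case CMD_DESTROY:
    case CMD_DUMPBLOB_UUID:
    case CMD_LIST:
    case CMD_LIST_UUID:
    case CMD_REMOVE_UUID:
    case CMD_REMOVEAUTH_UUID:
    case CMD_RESETLOCK:
    case CMD_SSH_UUID:
        break;
    default:
        help_brief();
        exit(1);
    }
}

/*
 * Execute the command selected by args->cmdmap against the open context t.
 * Returns the tkc_* result, which main() uses as the process exit status.
 */
static int
run_command(tkc_context_t* t, struct cli_args* args)
{
    switch (args->cmdmap) {
    case CMD_ADD:
    case CMD_ADD_UUID:
        /* No --pcr at all means "no PCR binding", not an empty selection. */
        return tkc_add_uuid(t, args->target_uuid, args->key_type,
                            (args->pcrs_selected.count == 0) ?
                            NULL : &args->pcrs_selected,
                            args->key_password, args->tss_version);
    case CMD_CHANGEAUTH_UUID:
        return tkc_change_password_uuid(t, args->target_uuid,
                                        args->key_password,
                                        args->new_password);
    case CMD_CREATE:
        /* Nothing left to do: --create is carried to tkc_open_context()
         * through TKC_FLAG_CREATE, which presumably performs the creation. */
        return 0;
    case CMD_DESTROY:
        return tkc_destroy(t);
    case CMD_DUMPBLOB_UUID:
        return tkc_dump_uuid(t, args->target_uuid);
    case CMD_LIST:
    case CMD_LIST_UUID:
        return tkc_list_uuid(t, args->target_uuid, args->verbose);
    case CMD_REMOVE_UUID:
        return tkc_remove_uuid(t, args->target_uuid);
    case CMD_REMOVEAUTH_UUID:
        /* A NULL new password removes the key's authorization. */
        return tkc_change_password_uuid(t, args->target_uuid,
                                        args->key_password, NULL);
    case CMD_RESETLOCK:
        return tkc_resetlock(t);
    case CMD_SSH_UUID:
        return tkc_ssh_uuid(t, args->target_uuid);
    default:
        /* Unreachable: parse_args() rejects every other cmdmap. */
        help_brief();
        return 1;
    }
}

/*
 * Entry point: parse the command line, open the TPM keychain context with
 * the given credentials and flags, run the single selected command, close
 * the context and exit with the command's result.
 *
 * Exit status: 1 on usage error or if the context cannot be opened, 0 after
 * --help, otherwise the tkc_* result.  POSIX reports only the low 8 bits of
 * that value, so a negative tkc_* result shows up as 255 etc. rather than 1.
 */
int
main(int argc, char** argv)
{
    /* Every other member starts zeroed/NULL, including pcrs_selected. */
    struct cli_args args = {
        .tss_version = TSS_TSPATTRIB_CONTEXT_VERSION_V1_1,
    };
    tkc_context_t* t = NULL;
    int ret = 0;

    if (argc <= 1) {
        help_brief();
        exit(1);
    }

    parse_args(argc, argv, &args);

    t = tkc_open_context(args.tss_server,
                         args.owner_password, args.srk_password,
                         args.keychain_password,
                         args.open_flags, args.tss_version);
    if (t == NULL) {
        /* tkc_open_context() is expected to have reported the reason. */
        exit(1);
    }

    ret = run_command(t, &args);

    tkc_close_context(&t);

    exit(ret);
}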