-rw-r--r--doc/invoke-tpmtool.texi20
-rw-r--r--doc/manpages/tpmtool.116
-rw-r--r--lib/includes/gnutls/tpm.h4
-rw-r--r--lib/tpm.c8
-rw-r--r--src/tpmtool.c4
5 files changed, 42 insertions, 10 deletions
diff --git a/doc/invoke-tpmtool.texi b/doc/invoke-tpmtool.texi
index 9b1041b4c5..3a30e4bd09 100644
--- a/doc/invoke-tpmtool.texi
+++ b/doc/invoke-tpmtool.texi
@@ -7,7 +7,7 @@
#
# DO NOT EDIT THIS FILE (invoke-tpmtool.texi)
#
-# It has been AutoGen-ed July 21, 2012 at 02:02:18 PM by AutoGen 5.16
+# It has been AutoGen-ed July 21, 2012 at 10:14:33 PM by AutoGen 5.16
# From the definitions ../src/tpmtool-args.def
# and the template file agtexi-cmd.tpl
@end ignore
@@ -72,6 +72,10 @@ USAGE: tpmtool [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
--delete=str Delete the key identified by the given URL (UUID).
--sec-param=str Specify the security level [low, legacy, normal, high, ultra].
--bits=num Specify the number of bits for key generate
+ --inder Use the DER format for keys.
+ - disabled as --no-inder
+ --outder Use DER format for output keys
+ - disabled as --no-outder
-v, --version[=arg] Output version information and exit
-h, --help Display extended usage information and exit
-!, --more-help Extended usage information passed thru pager
@@ -146,6 +150,20 @@ This is the ``specify the security level [low, legacy, normal, high, ultra].'' o
This option takes an argument string @file{Security parameter}.
This is alternative to the bits option. Note however that the
values allowed by the TPM chip are quantized and given values may be rounded up.
+@anchor{tpmtool inder}
+@subsubheading inder option
+@cindex tpmtool-inder
+
+This is the ``use the der format for keys.'' option.
+The input files will be assumed to be in the portable
+DER format of TPM. The default format is a custom format used by various
+TPM tools
+@anchor{tpmtool outder}
+@subsubheading outder option
+@cindex tpmtool-outder
+
+This is the ``use der format for output keys'' option.
+The output will be in the TPM portable DER format.
@anchor{tpmtool exit status}
@subsubheading tpmtool exit status
diff --git a/doc/manpages/tpmtool.1 b/doc/manpages/tpmtool.1
index 4d20fea49f..ba613e1589 100644
--- a/doc/manpages/tpmtool.1
+++ b/doc/manpages/tpmtool.1
@@ -2,7 +2,7 @@
.\"
.\" DO NOT EDIT THIS FILE (tpmtool-args.man)
.\"
-.\" It has been AutoGen-ed July 21, 2012 at 02:01:40 PM by AutoGen 5.16
+.\" It has been AutoGen-ed July 21, 2012 at 10:13:55 PM by AutoGen 5.16
.\" From the definitions ../../src/tpmtool-args.def.tmp
.\" and the template file agman-cmd.tpl
.\"
@@ -110,6 +110,20 @@ Specify the number of bits for key generate.
This option takes an integer number as its argument.
.sp
.TP
+.BR \-\-inder, " \fB\-\-no\-inder\fP"
+Use the DER format for keys..
+The \fIno\-inder\fP form will disable the option.
+.sp
+The input files will be assumed to be in the portable
+DER format of TPM. The default format is a custom format used by various
+TPM tools
+.TP
+.BR \-\-outder, " \fB\-\-no\-outder\fP"
+Use DER format for output keys.
+The \fIno\-outder\fP form will disable the option.
+.sp
+The output will be in the TPM portable DER format.
+.TP
.BR \-h , " \-\-help"
Display usage information and exit.
.TP
diff --git a/lib/includes/gnutls/tpm.h b/lib/includes/gnutls/tpm.h
index 386689b5df..cea1c75bf1 100644
--- a/lib/includes/gnutls/tpm.h
+++ b/lib/includes/gnutls/tpm.h
@@ -41,14 +41,14 @@ typedef struct tpm_key_list_st *gnutls_tpm_key_list_t;
/**
* gnutls_tpmkey_fmt_t:
* @GNUTLS_TPM_FMT_DER: The portable data format.
- * @GNUTLS_TPM_FMT_PEM: A custom data format used by some openssl tools.
+ * @GNUTLS_TPM_FMT_CTK_PEM: A custom data format used by some TPM tools.
*
* Enumeration of different certificate encoding formats.
*/
typedef enum
{
GNUTLS_TPMKEY_FMT_DER = 0,
- GNUTLS_TPMKEY_FMT_PEM = 1
+ GNUTLS_TPMKEY_FMT_CTK_PEM = 1
} gnutls_tpmkey_fmt_t;
int
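Review bot: The gtk-doc entries in this comment do not match the enumerators they document: the new line reads `@GNUTLS_TPM_FMT_CTK_PEM` (and the unchanged line above it `@GNUTLS_TPM_FMT_DER`), while the enum defines `GNUTLS_TPMKEY_FMT_CTK_PEM` and `GNUTLS_TPMKEY_FMT_DER`, so the descriptions will probably not attach to the values in the generated reference. I would write `@GNUTLS_TPMKEY_FMT_DER:` and `@GNUTLS_TPMKEY_FMT_CTK_PEM:`, and change the summary line to `Enumeration of different TPM key encoding formats.`, since these are key formats rather than certificate formats. This also looks like a public header, so dropping `GNUTLS_TPMKEY_FMT_PEM` breaks any caller built against the old name. If that name has already shipped in a release, a compatibility `#define GNUTLS_TPMKEY_FMT_PEM GNUTLS_TPMKEY_FMT_CTK_PEM` would keep such callers compiling.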
diff --git a/lib/tpm.c b/lib/tpm.c
index cc861ee923..f0203b40e4 100644
--- a/lib/tpm.c
+++ b/lib/tpm.c
@@ -368,7 +368,7 @@ int ret, err;
gnutls_datum_t asn1 = { NULL, 0 };
size_t slen;
- if (format == GNUTLS_TPMKEY_FMT_PEM)
+ if (format == GNUTLS_TPMKEY_FMT_CTK_PEM)
{
ret = gnutls_pem_base64_decode_alloc ("TSS KEY BLOB", fdata, &asn1);
if (ret)
@@ -865,7 +865,7 @@ int ret;
goto cleanup;
}
- ret = gnutls_privkey_import_tpm_raw (pkey, &fdata, GNUTLS_TPMKEY_FMT_PEM,
+ ret = gnutls_privkey_import_tpm_raw (pkey, &fdata, GNUTLS_TPMKEY_FMT_CTK_PEM,
srk_password, key_password, flags);
if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
ret = gnutls_privkey_import_tpm_raw (pkey, &fdata, GNUTLS_TPMKEY_FMT_DER,
@@ -1123,7 +1123,7 @@ int ret;
goto cleanup;
}
- ret = gnutls_pubkey_import_tpm_raw (pkey, &fdata, GNUTLS_TPMKEY_FMT_PEM,
+ ret = gnutls_pubkey_import_tpm_raw (pkey, &fdata, GNUTLS_TPMKEY_FMT_CTK_PEM,
srk_password, flags);
if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
ret = gnutls_pubkey_import_tpm_raw (pkey, &fdata, GNUTLS_TPMKEY_FMT_DER,
@@ -1356,7 +1356,7 @@ uint8_t buf[32];
}
- if (format == GNUTLS_TPMKEY_FMT_PEM)
+ if (format == GNUTLS_TPMKEY_FMT_CTK_PEM)
{
ret = _gnutls_x509_encode_octet_string(tdata, tint, &tmpkey);
if (ret < 0)
diff --git a/src/tpmtool.c b/src/tpmtool.c
index 25cee8e4c5..b363e17b29 100644
--- a/src/tpmtool.c
+++ b/src/tpmtool.c
@@ -106,7 +106,7 @@ cmd_parser (int argc, char **argv)
else
{
incert_format = GNUTLS_X509_FMT_PEM;
- inkey_format = GNUTLS_TPMKEY_FMT_PEM;
+ inkey_format = GNUTLS_TPMKEY_FMT_CTK_PEM;
}
if (HAVE_OPT(OUTDER))
@@ -117,7 +117,7 @@ cmd_parser (int argc, char **argv)
else
{
outcert_format = GNUTLS_X509_FMT_PEM;
- outkey_format = GNUTLS_TPMKEY_FMT_PEM;
+ outkey_format = GNUTLS_TPMKEY_FMT_CTK_PEM;
}
if (HAVE_OPT(REGISTER))