
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_21-20-gc57bbd2


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_21-20-gc57bbd2
Date: Fri, 13 Jul 2012 11:12:49 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=c57bbd2a6f18147916d3e68a390d9844aaa6c162

The branch, master has been updated
       via  c57bbd2a6f18147916d3e68a390d9844aaa6c162 (commit)
       via  a95789d2f8010bce41734a60b22557c2b8ec9ab2 (commit)
       via  27d773ad0cda6cd20ea191fb5d0bb511e794d410 (commit)
       via  374b2a7e3a68ce69a258b8a10be463e50cdc1bff (commit)
      from  430abd76c8e1b166640736fa24100142ed8381c3 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c57bbd2a6f18147916d3e68a390d9844aaa6c162
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Fri Jul 13 13:12:34 2012 +0200

    documented updates

commit a95789d2f8010bce41734a60b22557c2b8ec9ab2
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Fri Jul 13 13:12:23 2012 +0200

    pubkey option can now accept a url

commit 27d773ad0cda6cd20ea191fb5d0bb511e794d410
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Fri Jul 13 13:12:05 2012 +0200

    small fixes in TPM support

commit 374b2a7e3a68ce69a258b8a10be463e50cdc1bff
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Thu Jul 12 18:35:49 2012 +0200

    internal functions marked as static

-----------------------------------------------------------------------

Summary of changes:
 NEWS                            |    3 +-
 doc/Makefile.am                 |    6 ++
 lib/gnutls_errors.c             |    4 +
 lib/gnutls_handshake.c          |    9 ++-
 lib/gnutls_handshake.h          |    3 -
 lib/gnutls_str.c                |    9 ++-
 lib/includes/gnutls/gnutls.h.in |    2 +
 lib/libgnutls.map               |    1 +
 lib/tpm.c                       |  140 ++++++++++++++++++++++++++++++--------
 src/tpmtool-args.c              |    5 +-
 src/tpmtool-args.def            |    2 +
 src/tpmtool-args.h              |    2 +-
 src/tpmtool.c                   |   25 +++----
 13 files changed, 156 insertions(+), 55 deletions(-)

diff --git a/NEWS b/NEWS
index 72befa5..b57d5f8 100644
--- a/NEWS
+++ b/NEWS
@@ -47,7 +47,6 @@ by Alexandre Bique.
 ** API and ABI modifications:
 GNUTLS_CERT_SIGNATURE_FAILURE: Added
 GNUTLS_CAMELLIA_192_CBC: Added
-gnutls_pubkey_import_tpm_raw: Added
 gnutls_privkey_import_tpm_raw: Added
 gnutls_privkey_import_pkcs11_url: Added
 gnutls_privkey_import_openpgp_raw: Added
@@ -58,6 +57,8 @@ gnutls_tpm_key_list_deinit: Added
 gnutls_tpm_key_list_get_url: Added
 gnutls_tpm_get_registered: Added
 gnutls_tpm_privkey_delete: Added
+gnutls_pubkey_import_tpm_raw: Added
+gnutls_pubkey_import_tpm_url: Added
 gnutls_x509_privkey_import2: Added
 gnutls_x509_privkey_import_openssl: Added
 gnutls_load_file: Added
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 59b2a0d..ae1a439 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -483,6 +483,7 @@ FUNCS += functions/gnutls_pubkey_import_x509
 FUNCS += functions/gnutls_pubkey_import_pkcs11
 FUNCS += functions/gnutls_pubkey_import_openpgp
 FUNCS += functions/gnutls_pubkey_import_privkey
+FUNCS += functions/gnutls_pubkey_import_tpm_url
 FUNCS += functions/gnutls_pubkey_import_tpm_raw
 FUNCS += functions/gnutls_pubkey_get_preferred_hash_algorithm
 FUNCS += functions/gnutls_pubkey_get_pk_rsa_raw
@@ -516,6 +517,7 @@ FUNCS += functions/gnutls_privkey_import_openpgp
 FUNCS += functions/gnutls_privkey_import_openpgp_raw
 FUNCS += functions/gnutls_privkey_import_x509_raw
 FUNCS += functions/gnutls_privkey_import_tpm_raw
+FUNCS += functions/gnutls_privkey_import_tpm_url
 FUNCS += functions/gnutls_privkey_import_pkcs11_url
 FUNCS += functions/gnutls_privkey_import_ext
 FUNCS += functions/gnutls_privkey_import_ext2
@@ -997,6 +999,10 @@ FUNCS += functions/gnutls_pkcs12_bag_set_key_id
 FUNCS += functions/gnutls_pkcs12_bag_get_friendly_name
 FUNCS += functions/gnutls_pkcs12_bag_set_friendly_name
 FUNCS += functions/gnutls_tpm_privkey_generate
+FUNCS += functions/gnutls_tpm_key_list_deinit
+FUNCS += functions/gnutls_tpm_key_list_get_url
+FUNCS += functions/gnutls_tpm_get_registered
+FUNCS += functions/gnutls_tpm_privkey_delete
 FUNCS += functions/gnutls_x509_crt_init
 FUNCS += functions/gnutls_x509_crt_deinit
 FUNCS += functions/gnutls_x509_crt_import
diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c
index 19f824b..d41ef2c 100644
--- a/lib/gnutls_errors.c
+++ b/lib/gnutls_errors.c
@@ -288,6 +288,10 @@ static const gnutls_error_entry error_algorithms[] = {
 
   ERROR_ENTRY (N_("TPM error."),
                GNUTLS_E_TPM_ERROR, 1),
+  ERROR_ENTRY (N_("TPM is not initialized."),
+               GNUTLS_E_TPM_UNINITIALIZED, 1),
+  ERROR_ENTRY (N_("TPM key was not found in persistent storage."),
+               GNUTLS_E_TPM_KEY_NOT_FOUND, 1),
   ERROR_ENTRY (N_("Cannot initialize a session with the TPM."),
                GNUTLS_E_TPM_SESSION_ERROR, 1),
   ERROR_ENTRY (N_("PKCS #11 error."),
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 8256e14..dc2da48 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -71,6 +71,9 @@ _gnutls_remove_unwanted_ciphersuites (gnutls_session_t 
session,
                                       int cipher_suites_size,
                                       gnutls_pk_algorithm_t *pk_algos,
                                       size_t pk_algos_size);
+static int _gnutls_handshake_common (gnutls_session_t session);
+static int _gnutls_handshake_client (gnutls_session_t session);
+static int _gnutls_handshake_server (gnutls_session_t session);
 
 /* Empties but does not free the buffer
  */
@@ -2451,7 +2454,7 @@ gnutls_handshake (gnutls_session_t session)
  * _gnutls_handshake_client 
  * This function performs the client side of the handshake of the TLS/SSL 
protocol.
  */
-int
+static int
 _gnutls_handshake_client (gnutls_session_t session)
 {
   int ret = 0;
@@ -2779,7 +2782,7 @@ _gnutls_recv_handshake_final (gnutls_session_t session, 
int init)
  * _gnutls_handshake_server
  * This function does the server stuff of the handshake protocol.
  */
-int
+static int
 _gnutls_handshake_server (gnutls_session_t session)
 {
   int ret = 0;
@@ -2880,7 +2883,7 @@ _gnutls_handshake_server (gnutls_session_t session)
   return 0;
 }
 
-int
+static int
 _gnutls_handshake_common (gnutls_session_t session)
 {
   int ret = 0;
diff --git a/lib/gnutls_handshake.h b/lib/gnutls_handshake.h
index 39c9c8a..22a55f7 100644
--- a/lib/gnutls_handshake.h
+++ b/lib/gnutls_handshake.h
@@ -33,9 +33,6 @@ int _gnutls_recv_handshake (gnutls_session_t session,
                         gnutls_handshake_description_t type,
                         unsigned int optional, gnutls_buffer_st* buf);
 int _gnutls_generate_session_id (uint8_t * session_id, uint8_t * len);
-int _gnutls_handshake_common (gnutls_session_t session);
-int _gnutls_handshake_client (gnutls_session_t session);
-int _gnutls_handshake_server (gnutls_session_t session);
 void _gnutls_set_server_random (gnutls_session_t session, uint8_t * rnd);
 void _gnutls_set_client_random (gnutls_session_t session, uint8_t * rnd);
 int _gnutls_tls_create_random (uint8_t * dst);
diff --git a/lib/gnutls_str.c b/lib/gnutls_str.c
index 0d6d087..5c40b9c 100644
--- a/lib/gnutls_str.c
+++ b/lib/gnutls_str.c
@@ -207,10 +207,17 @@ _gnutls_buffer_resize (gnutls_buffer_st * dest, size_t 
new_size)
     }
 }
 
+/* Appends the provided string. The null termination byte is appended
+ * but not included in length.
+ */
 int
 _gnutls_buffer_append_str (gnutls_buffer_st * dest, const char *src)
 {
-  return _gnutls_buffer_append_data (dest, src, strlen (src));
+int ret;
+  ret = _gnutls_buffer_append_data (dest, src, strlen (src) + 1);
+  if (ret >= 0) dest->length--;
+  
+  return ret;
 }
 
 /* returns data from a string in a constant buffer.
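Review bot: The new comment on `_gnutls_buffer_append_str` should state how long the terminator survives: because `dest->length--` hands the NUL's position back to the buffer, the next append (including `_gnutls_buffer_append_printf`) presumably writes over it, so the "data is NUL-terminated" guarantee only holds until another append is made. Suggested wording: `/* Appends the provided string. A NUL byte is written after it but not counted in length, so dest->data is a C string until the next append overwrites that byte. */`. Callers that convert the buffer to a datum and then use it as a C string rely on this, so the caveat is worth spelling out.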
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 21363f3..ea1db6e 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -1918,6 +1918,8 @@ int gnutls_load_file(const char* filename, gnutls_datum_t 
* data);
 #define GNUTLS_E_TPM_KEY_PASSWORD_ERROR -330
 #define GNUTLS_E_TPM_SRK_PASSWORD_ERROR -331
 #define GNUTLS_E_TPM_SESSION_ERROR -332
+#define GNUTLS_E_TPM_KEY_NOT_FOUND -333
+#define GNUTLS_E_TPM_UNINITIALIZED -334
 
 #define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250
 
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 1315ee7..dd9aa1d 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -813,6 +813,7 @@ GNUTLS_3_1_0 {
        gnutls_tpm_key_list_get_url;
        gnutls_tpm_get_registered;
        gnutls_tpm_privkey_delete;
+       gnutls_pubkey_import_tpm_url;
 } GNUTLS_3_0_0;
 
 GNUTLS_PRIVATE {
diff --git a/lib/tpm.c b/lib/tpm.c
index 27f720f..d72b2f3 100644
--- a/lib/tpm.c
+++ b/lib/tpm.c
@@ -73,23 +73,43 @@ static int import_tpm_key (gnutls_privkey_t pkey,
  */
 
 
-static int tss_err(TSS_RESULT err)
+static int tss_err_pwd(TSS_RESULT err, int pwd_error)
 {
   _gnutls_debug_log("TPM error: %s (%x)\n", Trspi_Error_String(err), (unsigned 
int)Trspi_Error_Code(err));
-  switch(Trspi_Error_Code(err))
+
+  switch(ERROR_LAYER(err))
     {
-      case TSS_E_COMM_FAILURE:
-      case TSS_E_NO_CONNECTION:
-      case TSS_E_CONNECTION_FAILED:
-      case TSS_E_CONNECTION_BROKEN:
-        return GNUTLS_E_TPM_SESSION_ERROR;
-      case TPM_E_AUTHFAIL:
-        return GNUTLS_E_TPM_SRK_PASSWORD_ERROR;
-      default:
-        return GNUTLS_E_TPM_ERROR;
+      case TSS_LAYER_TPM:
+        switch(ERROR_CODE(err))
+          {
+            case TPM_E_AUTHFAIL:
+              return pwd_error;
+            case TPM_E_NOSRK:
+              return GNUTLS_E_TPM_UNINITIALIZED;
+            default:
+              return GNUTLS_E_TPM_ERROR;
+          }
+      case TSS_LAYER_TCS:
+        switch(ERROR_CODE(err))
+          {
+            case TSS_E_COMM_FAILURE:
+            case TSS_E_NO_CONNECTION:
+            case TSS_E_CONNECTION_FAILED:
+            case TSS_E_CONNECTION_BROKEN:
+              return GNUTLS_E_TPM_SESSION_ERROR;
+            case TSS_E_PS_KEY_NOTFOUND:
+              return GNUTLS_E_TPM_KEY_NOT_FOUND;
+            default:
+              return GNUTLS_E_TPM_ERROR;
+          }
+       default:
+         return GNUTLS_E_TPM_ERROR;
     }
 }
 
+#define tss_err(x) tss_err_pwd(x, GNUTLS_E_TPM_SRK_PASSWORD_ERROR)
+#define tss_err_key(x) tss_err_pwd(x, GNUTLS_E_TPM_KEY_PASSWORD_ERROR)
+
 static void
 tpm_deinit_fn (gnutls_privkey_t key, void *_s)
 {
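Review bot: The trailing `default:` of the outer `switch(ERROR_LAYER(err))` is indented one column deeper than its sibling `case TSS_LAYER_TPM:`/`case TSS_LAYER_TCS:` labels, which reads as though it belonged to the inner TCS switch; align it with the other outer labels. The new `pwd_error` parameter deserves a line of documentation above `tss_err_pwd`, e.g. `/* pwd_error: value returned for TPM_E_AUTHFAIL, so callers can distinguish an SRK password failure from a key password failure (see tss_err / tss_err_key) */`. The two wrapper macros should also parenthesize their argument, `#define tss_err(x) tss_err_pwd((x), GNUTLS_E_TPM_SRK_PASSWORD_ERROR)`, for consistency with the usual macro hygiene.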
@@ -367,7 +387,7 @@ import_tpm_key (gnutls_privkey_t pkey,
          gnutls_assert ();
          _gnutls_debug_log ("Failed to set key PIN: %s\n",
                             Trspi_Error_String (err));
-          ret = GNUTLS_E_TPM_KEY_PASSWORD_ERROR;
+          ret = tss_err_key(err);
          goto out_key_policy;
        }
     }
@@ -505,23 +525,86 @@ static int randomize_uuid(TSS_UUID* uuid)
   return 0;
 }
 
-static int encode_tpmkey_url(char** url, TSS_UUID* uuid)
+static int encode_tpmkey_url(char** url, const TSS_UUID* uuid, const TSS_UUID* 
parent)
 {
-size_t size = UUID_SIZE*2+4+32;
+size_t size = (UUID_SIZE*2+4)*2+32;
+uint8_t u1[UUID_SIZE];
+gnutls_buffer_st buf;
+gnutls_datum_t dret;
+int ret;
 
   *url = gnutls_malloc(size);
   if (*url == NULL)
     return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
 
-  snprintf(*url, size, 
"tpmkey:uuid=%.8x-%.4x-%.4x-%.2x%.2x-%.2x%.2x%.2x%.2x%.2x%.2x", 
-           (unsigned int)uuid->ulTimeLow, (unsigned int)uuid->usTimeMid, 
-           (unsigned int)uuid->usTimeHigh, (unsigned int)uuid->bClockSeqHigh, 
-           (unsigned int)uuid->bClockSeqLow, (unsigned int)uuid->rgbNode[0],
-           (unsigned int)uuid->rgbNode[1], (unsigned int)uuid->rgbNode[2],
-           (unsigned int)uuid->rgbNode[3], (unsigned int)uuid->rgbNode[4],
-           (unsigned int)uuid->rgbNode[5]);
+  _gnutls_buffer_init(&buf);
+
+  memcpy(u1, &uuid->ulTimeLow, 4);
+  memcpy(&u1[4], &uuid->usTimeMid, 2);
+  memcpy(&u1[6], &uuid->usTimeHigh, 2);
+  u1[8] = uuid->bClockSeqHigh;
+  u1[9] = uuid->bClockSeqLow;
+  memcpy(&u1[10], uuid->rgbNode, 6);
+
+  ret = _gnutls_buffer_append_str(&buf, "tpmkey:uuid=");
+  if (ret < 0)
+    {
+      gnutls_assert();
+      goto cleanup;
+    }
+
+  ret = _gnutls_buffer_append_printf(&buf, 
"%.2x%.2x%.2x%.2x-%.2x%.2x-%.2x%.2x-%.2x%.2x-%.2x%.2x%.2x%.2x%.2x%.2x",
+    (unsigned int)u1[0], (unsigned int)u1[1], (unsigned int)u1[2], (unsigned 
int)u1[3],
+    (unsigned int)u1[4], (unsigned int)u1[5], (unsigned int)u1[6], (unsigned 
int)u1[7],
+    (unsigned int)u1[8], (unsigned int)u1[9], (unsigned int)u1[10], (unsigned 
int)u1[11],
+    (unsigned int)u1[12], (unsigned int)u1[13], (unsigned int)u1[14], 
(unsigned int)u1[15]);
+  if (ret < 0)
+    {
+      gnutls_assert();
+      goto cleanup;
+    }
+
+  if (parent)
+    {
+      memcpy(u1, &parent->ulTimeLow, 4);
+      memcpy(&u1[4], &parent->usTimeMid, 2);
+      memcpy(&u1[6], &parent->usTimeHigh, 2);
+      u1[8] = parent->bClockSeqHigh;
+      u1[9] = parent->bClockSeqLow;
+      memcpy(&u1[10], parent->rgbNode, 6);
+
+      ret = _gnutls_buffer_append_str(&buf, ";parent=");
+      if (ret < 0)
+        {
+          gnutls_assert();
+          goto cleanup;
+        }
+
+      ret = _gnutls_buffer_append_printf(&buf, 
"%.2x%.2x%.2x%.2x-%.2x%.2x-%.2x%.2x-%.2x%.2x-%.2x%.2x%.2x%.2x%.2x%.2x",
+        (unsigned int)u1[0], (unsigned int)u1[1], (unsigned int)u1[2], 
(unsigned int)u1[3],
+        (unsigned int)u1[4], (unsigned int)u1[5], (unsigned int)u1[6], 
(unsigned int)u1[7],
+        (unsigned int)u1[8], (unsigned int)u1[9], (unsigned int)u1[10], 
(unsigned int)u1[11],
+        (unsigned int)u1[12], (unsigned int)u1[13], (unsigned int)u1[14], 
(unsigned int)u1[15]);
+      if (ret < 0)
+        {
+          gnutls_assert();
+          goto cleanup;
+        }
+    }
+
+  ret = _gnutls_buffer_to_datum(&buf, &dret);
+  if (ret < 0)
+    {
+      gnutls_assert();
+      goto cleanup;
+    }
+
+  *url = (char*)dret.data;
 
   return 0;
+cleanup:
+  _gnutls_buffer_clear(&buf);
+  return ret;
 }
 
 static int decode_tpmkey_url(const char* url, struct tpmkey_url_st *s)
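Review bot: The block still does `*url = gnutls_malloc(size)` on the unchanged lines near the top, but the rewritten body never writes into it and ends with `*url = (char*)dret.data;`, so the allocation is leaked on the success path and left dangling in `*url` on the `cleanup` path (where a caller seeing `ret < 0` will not free it). Since the result now comes entirely from the `gnutls_buffer_st`, drop `size_t size = (UUID_SIZE*2+4)*2+32;` together with the `*url = gnutls_malloc(size);` call and its NULL check. Note also that `memcpy(u1, &uuid->ulTimeLow, 4)` copies the fields in host byte order, whereas the previous `%.8x-%.4x-%.4x` rendering printed their numeric value, so on little-endian hosts the uuid text changes; decode_tpmkey_url is outside this hunk, so please confirm it parses the same byte order and that URLs issued before this change still resolve. Whether `dret.data` is NUL-terminated after the final `_gnutls_buffer_append_printf` cannot be seen here; if that helper does not terminate, the returned `char*` is not a valid C string.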
@@ -551,9 +634,6 @@ static int decode_tpmkey_url(const char* url, struct 
tpmkey_url_st *s)
           gnutls_assert();
           goto cleanup;
         }
-
-      
-      
     }
   else if ((p = strstr(url, "uuid=")) != NULL)
    {
@@ -998,7 +1078,7 @@ struct tpm_ctx_st s;
       goto err_sa;
     }
 
-  /* set the key of the actual key */
+  /* set the password of the actual key */
   if (key_password)
     {
       tssret = Tspi_GetPolicyObject(key_ctx, TSS_POLICY_USAGE, &key_policy);
@@ -1038,7 +1118,7 @@ struct tpm_ctx_st s;
           goto err_sa;
         }
 
-      tssret = Tspi_Context_RegisterKey(s.tpm_ctx, key_ctx, TSS_PS_TYPE_USER,
+      tssret = Tspi_Context_RegisterKey(s.tpm_ctx, key_ctx, TSS_PS_TYPE_SYSTEM,
                                         key_uuid, TSS_PS_TYPE_SYSTEM, 
srk_uuid);
       if (tssret != 0)
         {
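Review bot: Registering with `TSS_PS_TYPE_SYSTEM` instead of `TSS_PS_TYPE_USER` here, with the matching `Tspi_Context_UnregisterKey` changes in the two later hunks of this file, appears to leave keys that an earlier build registered in user storage unreachable: `gnutls_tpm_privkey_delete` now queries only system storage, so such keys would fail with the new `GNUTLS_E_TPM_KEY_NOT_FOUND` and cannot be removed through this API. Consider retrying the unregister with `TSS_PS_TYPE_USER` when the system lookup reports `TSS_E_PS_KEY_NOTFOUND`, or at least documenting the storage change in NEWS. System persistent storage is also shared by every local user of the tcsd, so the key's usage password becomes the only access control on the registered blob; a sentence to that effect in the gnutls_tpm_privkey_generate documentation would help integrators. The enclosing function begins and ends outside this hunk.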
@@ -1047,12 +1127,12 @@ struct tpm_ctx_st s;
           goto err_sa;
         }
 
-      ret = encode_tpmkey_url((char**)&privkey->data, &key_uuid);
+      ret = encode_tpmkey_url((char**)&privkey->data, &key_uuid, &srk_uuid);
       if (ret < 0)
         {
           TSS_HKEY tkey;
 
-          Tspi_Context_UnregisterKey(s.tpm_ctx, TSS_PS_TYPE_USER, key_uuid, 
&tkey);
+          Tspi_Context_UnregisterKey(s.tpm_ctx, TSS_PS_TYPE_SYSTEM, key_uuid, 
&tkey);
           gnutls_assert();
           goto err_sa;
         }
@@ -1190,7 +1270,7 @@ gnutls_tpm_key_list_get_url (gnutls_tpm_key_list_t list, 
unsigned int idx, char*
   if (idx >= list->size)
     return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
 
-  return encode_tpmkey_url(url, &list->ki[idx].keyUUID);
+  return encode_tpmkey_url(url, &list->ki[idx].keyUUID, 
&list->ki[idx].parentKeyUUID);
 }
 
 /**
@@ -1282,7 +1362,7 @@ int ret;
   if (ret < 0)
     return gnutls_assert_val(ret);
 
-  tssret = Tspi_Context_UnregisterKey(s.tpm_ctx, TSS_PS_TYPE_USER, durl.uuid, 
&tkey);
+  tssret = Tspi_Context_UnregisterKey(s.tpm_ctx, TSS_PS_TYPE_SYSTEM, 
durl.uuid, &tkey);
   if (tssret != 0)
     {
       gnutls_assert();
diff --git a/src/tpmtool-args.c b/src/tpmtool-args.c
index 30120fb..424cd5b 100644
--- a/src/tpmtool-args.c
+++ b/src/tpmtool-args.c
@@ -2,7 +2,7 @@
  *  
  *  DO NOT EDIT THIS FILE   (tpmtool-args.c)
  *  
- *  It has been AutoGen-ed  July 12, 2012 at 12:55:38 AM by AutoGen 5.16
+ *  It has been AutoGen-ed  July 13, 2012 at 11:26:27 AM by AutoGen 5.16
  *  From the definitions    tpmtool-args.def
  *  and the template file   options
  *
@@ -180,7 +180,8 @@ static char const tpmtool_opt_strs[1821] =
 #define PUBKEY_DESC      (tpmtool_opt_strs+1096)
 #define PUBKEY_NAME      (tpmtool_opt_strs+1138)
 #define PUBKEY_name      (tpmtool_opt_strs+1145)
-#define PUBKEY_FLAGS     (OPTST_DISABLED)
+#define PUBKEY_FLAGS     (OPTST_DISABLED \
+        | OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
 
 /*
  *  list option description:
diff --git a/src/tpmtool-args.def b/src/tpmtool-args.def
index 84b62cc..79187f0 100644
--- a/src/tpmtool-args.def
+++ b/src/tpmtool-args.def
@@ -24,6 +24,8 @@ flag = {
 
 flag = {
     name      = pubkey;
+    arg-type  = string;
+    arg-name  = "url";
     descrip   = "Prints the public key of the provided key";
     doc = "";
 };
diff --git a/src/tpmtool-args.h b/src/tpmtool-args.h
index 0ae0286..d582d45 100644
--- a/src/tpmtool-args.h
+++ b/src/tpmtool-args.h
@@ -2,7 +2,7 @@
  *  
  *  DO NOT EDIT THIS FILE   (tpmtool-args.h)
  *  
- *  It has been AutoGen-ed  July 12, 2012 at 12:55:38 AM by AutoGen 5.16
+ *  It has been AutoGen-ed  July 13, 2012 at 11:26:27 AM by AutoGen 5.16
  *  From the definitions    tpmtool-args.def
  *  and the template file   options
  *
diff --git a/src/tpmtool.c b/src/tpmtool.c
index 4e2f410..c4e2866 100644
--- a/src/tpmtool.c
+++ b/src/tpmtool.c
@@ -51,7 +51,7 @@
 
 static void cmd_parser (int argc, char **argv);
 static void tpm_generate(FILE* outfile, unsigned int key_type, unsigned int 
bits, int reg);
-static void tpm_pubkey(FILE* infile, FILE* outfile);
+static void tpm_pubkey(const char* url, FILE* outfile);
 static void tpm_delete(const char* url, FILE* outfile);
 static void tpm_list(FILE* outfile);
 
@@ -134,7 +134,7 @@ cmd_parser (int argc, char **argv)
     }
   else if (HAVE_OPT(PUBKEY))
     {
-      tpm_pubkey (infile, outfile);
+      tpm_pubkey (OPT_ARG(PUBKEY), outfile);
     }
   else if (HAVE_OPT(DELETE))
     {
@@ -182,10 +182,13 @@ static void tpm_generate(FILE* outfile, unsigned int 
key_type, unsigned int bits
   if (ret < 0)
     error (EXIT_FAILURE, 0, "gnutls_tpm_privkey_generate: %s", gnutls_strerror 
(ret));
 
-  fwrite (pubkey.data, 1, pubkey.size, outfile);
-  fputs ("\n", outfile);
+/*  fwrite (pubkey.data, 1, pubkey.size, outfile);
+  fputs ("\n", outfile);*/
   fwrite (privkey.data, 1, privkey.size, outfile);
   fputs ("\n", outfile);
+  
+  gnutls_free(privkey.data);
+  gnutls_free(pubkey.data);
 }
 
 static void tpm_delete(const char* url, FILE* outfile)
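Review bot: The `fwrite`/`fputs` pair for `pubkey` is kept as commented-out code; delete the two lines rather than leaving them in a `/* ... */`, since `pubkey.data` is now only freed and the comment will rot. The added `gnutls_free(privkey.data); gnutls_free(pubkey.data);` calls fix the previous leak and are fine as written. tpm_generate's body begins before this hunk.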
@@ -213,7 +216,7 @@ static void tpm_list(FILE* outfile)
   if (ret < 0)
     error (EXIT_FAILURE, 0, "gnutls_tpm_get_registered: %s", gnutls_strerror 
(ret));
     
-  fprintf(outfile, "Available keys under SRK:\n");
+  fprintf(outfile, "Available keys:\n");
   for (i=0;;i++)
     {
       ret = gnutls_tpm_key_list_get_url(list, i, &url);
@@ -229,30 +232,24 @@ static void tpm_list(FILE* outfile)
   fputs ("\n", outfile);
 }
 
-static void tpm_pubkey(FILE* infile, FILE* outfile)
+static void tpm_pubkey(const char* url, FILE* outfile)
 {
   int ret;
   char* srk_pass;
-  gnutls_datum_t data;
   gnutls_pubkey_t pubkey;
-  size_t size;
   
   srk_pass = getpass ("Enter SRK password: ");
   if (srk_pass != NULL)
     srk_pass = strdup(srk_pass);
 
-  data.data = (void*)fread_file (infile, &size);
-  data.size = size;
-  
   gnutls_pubkey_init(&pubkey);
 
-  ret = gnutls_pubkey_import_tpm_raw(pubkey, &data, GNUTLS_X509_FMT_PEM,
-                                     srk_pass);
+  ret = gnutls_pubkey_import_tpm_url(pubkey, url, srk_pass);
 
   free(srk_pass);
 
   if (ret < 0)
-    error (EXIT_FAILURE, 0, "gnutls_pubkey_import_tpm_raw: %s", 
gnutls_strerror (ret));
+    error (EXIT_FAILURE, 0, "gnutls_pubkey_import_tpm_url: %s", 
gnutls_strerror (ret));
 
   _pubkey_info(outfile, pubkey);
 


hooks/post-receive
-- 
GNU gnutls


