1 /*
2 * The Initial Developer of the Original Code is International
3 * Business Machines Corporation. Portions created by IBM
4 * Corporation are Copyright (C) 2005 International Business
5 * Machines Corporation. All Rights Reserved.
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the Common Public License as published by
9 * IBM Corporation; either version 1 of the License, or (at your option)
10 * any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * Common Public License for more details.
16 *
17 * You should have received a copy of the Common Public License
18 * along with this program; if not, a copy can be viewed at
19 * http://www.opensource.org/licenses/cpl1.0.php.
20 */
21
22 #include "tpm_tspi.h"
23 #include "tpm_utils.h"
24
/*
 * TSS context handle. main() creates it with contextCreate(), connects it and
 * closes it with contextClose(). It has external linkage in this file.
 */
TSS_HCONTEXT hContext = 0;

/*
 * Set to TRUE by the -z / --well-known option. When set, main() authorizes
 * the owner-protected read with TSS_WELL_KNOWN_SECRET instead of prompting
 * for the owner password.
 */
static BOOL isWellKnown = FALSE;
27
/*
 * Option callback passed to genericOptHandler() by main().
 *
 * aOpt: option character being processed.
 * aArg: option argument; not read here because -z takes no argument.
 *
 * Returns 0 when the option was recognised, -1 otherwise.
 */
static int parse(const int aOpt, const char *aArg)
{
	/* -z is the only option this tool adds; reject anything else. */
	if (aOpt != 'z')
		return -1;

	/*
	 * The well-known secret is a public constant (the help text describes it
	 * as 20 bytes of zeros), so selecting it means the owner authorization
	 * is not actually secret.
	 */
	logDebug(_("Using TSS_WELL_KNOWN_SECRET to authorize the TPM command\n"));
	isWellKnown = TRUE;
	return 0;
}
/*
 * Usage callback passed to genericOptHandler() by main(): logs the command
 * help header, the unicode option and this tool's own -z option.
 *
 * aCmd: command name forwarded to logCmdHelp().
 */
static void help(const char* aCmd)
{
	const char *wellKnownFlag = "-z, --well-known";

	logCmdHelp(aCmd);
	logUnicodeCmdOption();
	/* The description stays inside _() so it remains a translatable literal. */
	logCmdOption(wellKnownFlag,
		     _("Use 20 bytes of zeros (TSS_WELL_KNOWN_SECRET) as the TPM secret authorization data"));
}
48
/*
 * Entry point: display the TPM's public Endorsement Key.
 *
 * The key is first requested with tpmGetPubEk(hTpm, FALSE, ...). If the TPM
 * answers TCPA_E_DISABLED_CMD, an owner secret is set on the TPM policy
 * (TSS_WELL_KNOWN_SECRET when -z was given, otherwise a password read with
 * GETPASSWD) and the key is requested again with tpmGetPubEk(hTpm, TRUE, ...).
 * The second argument presumably selects the owner-authorized read; confirm
 * against tpm_tspi.h.
 *
 * Returns 0 on success and -1 on any failure.
 */
int main(int argc, char **argv)
{
	struct option longOpts[] = {
		{"well-known", no_argument, NULL, 'z'},
	};
	BYTE wellKnownSecret[] = TSS_WELL_KNOWN_SECRET;
	char *ownerSecret = NULL;	/* stack array (-z) or GETPASSWD buffer */
	int ownerSecretLen;		/* only read after ownerSecret is set */
	int exitCode = -1;
	TSS_RESULT rc;
	TSS_HTPM hTpm;
	TSS_HPOLICY hTpmPolicy;
	TSS_HKEY hEk;

	initIntlSys();

	if (0 != genericOptHandler(argc, argv, "z", longOpts,
				   sizeof longOpts / sizeof longOpts[0],
				   parse, help))
		goto out;

	if (TSS_SUCCESS != contextCreate(&hContext))
		goto out;

	if (TSS_SUCCESS != contextConnect(hContext))
		goto out_close;

	if (TSS_SUCCESS != contextGetTpm(hContext, &hTpm))
		goto out_close;

	/* First attempt: no owner secret has been set on the policy yet. */
	rc = tpmGetPubEk(hTpm, FALSE, NULL, &hEk);
	if (rc == TCPA_E_DISABLED_CMD) {
		logInfo(_("Public PubEk access blocked, owner password required\n"));

		if (!isWellKnown) {
			/* Prompt for owner password */
			ownerSecret = GETPASSWD(_("Enter owner password: "),
						&ownerSecretLen, FALSE);
			if (ownerSecret == NULL) {
				logMsg(_("Failed to get password\n"));
				goto out_close;
			}
		} else {
			/* Points into this stack frame; it must never reach shredPasswd(). */
			ownerSecret = (char *)wellKnownSecret;
			ownerSecretLen = sizeof(wellKnownSecret);
		}

		if (TSS_SUCCESS != policyGet(hTpm, &hTpmPolicy))
			goto out_close;

		if (TSS_SUCCESS != policySetSecret(hTpmPolicy, ownerSecretLen,
						   (BYTE *)ownerSecret))
			goto out_close;

		/*
		 * NOTE(review): the prompted password stays in memory from here
		 * until the out: label, i.e. across the second tpmGetPubEk() and
		 * displayKey(). If policySetSecret() keeps no reference to the
		 * buffer (confirm), it could be shredded right after that call
		 * to shorten the secret's lifetime.
		 */
		rc = tpmGetPubEk(hTpm, TRUE, NULL, &hEk);
	}
	if (rc != TSS_SUCCESS)
		goto out_close;

	logMsg(_("Public Endorsement Key:\n"));
	if (TSS_SUCCESS != displayKey(hEk))
		goto out_close;

	exitCode = 0;
	logSuccess(argv[0]);

out_close:
	contextClose(hContext);

out:
	/*
	 * Every exit path reaches this point, so a prompted password is always
	 * passed to shredPasswd() (presumably wipes and releases the buffer;
	 * confirm in tpm_utils). The isWellKnown test keeps the stack-resident
	 * well-known secret away from it.
	 */
	if (!isWellKnown && ownerSecret)
		shredPasswd(ownerSecret);

	return exitCode;
}
125