/*
 * The Initial Developer of the Original Code is International
 * Business Machines Corporation. Portions created by IBM
 * Corporation are Copyright (C) 2005 International Business
 * Machines Corporation. All Rights Reserved.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the Common Public License as published by
 * IBM Corporation; either version 1 of the License, or (at your option)
 * any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * Common Public License for more details.
 *
 * You should have received a copy of the Common Public License
 * along with this program; if not, a copy can be viewed at
 * http://www.opensource.org/licenses/cpl1.0.php.
 */

#include "tpm_tspi.h"
#include "tpm_utils.h"

/* Set by -z/--well-known: authorize with TSS_WELL_KNOWN_SECRET instead of prompting. */
static BOOL isWellKnown = FALSE;
/*
 * TSS context handle, created and closed by main().
 * NOTE(review): has external linkage; presumably referenced outside this
 * file -- confirm before narrowing it to static.
 */
TSS_HCONTEXT hContext = 0;

/*
 * Option callback handed to genericOptHandler().
 *
 * aOpt is the option character being processed; aArg is its argument and is
 * not used because the only option handled here takes none.
 *
 * Returns 0 when the option was recognised ('z'), -1 for anything else.
 */
static int parse(const int aOpt, const char *aArg)
{
	(void)aArg;

	if (aOpt != 'z')
		return -1;

	/*
	 * Per the help text the well-known secret is 20 bytes of zeros, i.e. a
	 * public constant: it authorizes the command but is not a secret.
	 */
	logDebug(_("Using TSS_WELL_KNOWN_SECRET to authorize the TPM command\n"));
	isWellKnown = TRUE;
	return 0;
}

/*
 * Usage callback handed to genericOptHandler(): prints the command help,
 * the unicode option help, and the description of -z/--well-known.
 */
static void help(const char *aCmd)
{
	logCmdHelp(aCmd);
	logUnicodeCmdOption();
	logCmdOption(
		"-z, --well-known",
		_("Use 20 bytes of zeros (TSS_WELL_KNOWN_SECRET) as the TPM secret authorization data"));
}

/*
 * Read the TPM's public endorsement key and display it.
 *
 * The key is first requested with FALSE as the second argument to
 * tpmGetPubEk(). If the TPM answers TCPA_E_DISABLED_CMD, owner
 * authorization is loaded into the TPM policy (the well-known secret with
 * -z, otherwise a prompted owner password) and the request is repeated
 * with TRUE.
 *
 * Returns 0 when the key was obtained and displayed, -1 on any failure.
 */
int main(int argc, char **argv)
{
	struct option longOpts[] = {
		{"well-known", no_argument, NULL, 'z'},
	};
	BYTE wellKnownSecret[] = TSS_WELL_KNOWN_SECRET;
	char *ownerSecret = NULL;	/* stays NULL unless owner auth is needed */
	int secretLen;			/* only meaningful once ownerSecret is set */
	int exitCode = -1;
	TSS_RESULT result;
	TSS_HTPM hTpm;
	TSS_HKEY hEk;
	TSS_HPOLICY hTpmPolicy;

	initIntlSys();

	if (genericOptHandler(argc, argv, "z", longOpts,
			      sizeof(longOpts) / sizeof(longOpts[0]),
			      parse, help) != 0)
		goto out;

	if (contextCreate(&hContext) != TSS_SUCCESS)
		goto out;

	/* From here on the context exists, so every failure leaves via out_close. */
	if (contextConnect(hContext) != TSS_SUCCESS ||
	    contextGetTpm(hContext, &hTpm) != TSS_SUCCESS)
		goto out_close;

	/*
	 * First attempt.
	 * NOTE(review): FALSE presumably selects the request without owner
	 * authorization -- confirm against tpmGetPubEk() in tpm_tspi.
	 */
	result = tpmGetPubEk(hTpm, FALSE, NULL, &hEk);
	if (result == TCPA_E_DISABLED_CMD) {
		logInfo(_("Public PubEk access blocked, owner password required\n"));

		if (!isWellKnown) {
			/* Prompt for owner password */
			ownerSecret = GETPASSWD(_("Enter owner password: "), &secretLen, FALSE);
			if (ownerSecret == NULL) {
				logMsg(_("Failed to get password\n"));
				goto out_close;
			}
		} else {
			/*
			 * Points at the local array, not at a buffer from
			 * GETPASSWD; the cleanup below skips it for that reason.
			 */
			ownerSecret = (char *)wellKnownSecret;
			secretLen = sizeof(wellKnownSecret);
		}

		/* Load the secret into the TPM policy before retrying. */
		if (policyGet(hTpm, &hTpmPolicy) != TSS_SUCCESS ||
		    policySetSecret(hTpmPolicy, secretLen,
				    (BYTE *)ownerSecret) != TSS_SUCCESS)
			goto out_close;

		result = tpmGetPubEk(hTpm, TRUE, NULL, &hEk);
	}

	if (result == TSS_SUCCESS) {
		logMsg(_("Public Endorsement Key:\n"));
		if (displayKey(hEk) == TSS_SUCCESS) {
			exitCode = 0;
			logSuccess(argv[0]);
		}
	}

out_close:
	contextClose(hContext);

out:
	/*
	 * Reached on every exit path, so a prompted owner password is always
	 * handed to shredPasswd() before returning.
	 * NOTE(review): shredPasswd() presumably wipes and releases the buffer
	 * returned by GETPASSWD -- confirm in tpm_utils.
	 */
	if (!isWellKnown && ownerSecret != NULL)
		shredPasswd(ownerSecret);

	return exitCode;
}