[portage-stable] add --pass support to tpm_clear

BUG=chromium-os:19971 TEST=Adhoc tpm_clear -l debug --pass <tpm password> works. Change-Id: Ibcd7eb02e07d244caaafc02993cb58b3868739fc Signed-off-by: Elly Jones <ellyjones@chromium.org> Reviewed-on: https://gerrit.chromium.org/gerrit/20590 Reviewed-by: Kees Cook <keescook@chromium.org>
2025-09-30 01:51:09 +02:00 · 2012-04-19 13:04:13 -04:00 · 2012-04-19 13:04:13 -04:00 · 8bfa7483af
commit 8bfa7483af
parent 1db581847f
2 changed files with 119 additions and 0 deletions
--- a/sdk_container/src/third_party/portage-stable/app-crypt/tpm-tools/files/tpm-tools-1.3.5-password.patch
+++ b/sdk_container/src/third_party/portage-stable/app-crypt/tpm-tools/files/tpm-tools-1.3.5-password.patch
@ -0,0 +1,71 @@
 diff --git a/src/tpm_mgmt/tpm_clear.c b/src/tpm_mgmt/tpm_clear.c
 index c7b286f..6549a67 100644
 --- a/src/tpm_mgmt/tpm_clear.c
 +++ b/src/tpm_mgmt/tpm_clear.c
@@ -25,6 +25,7 @@
 //Controled by input options
 static BOOL bValue = FALSE;	//If true FORCE CLEAR
 static BOOL isWellKnown = FALSE;
 +static char *szTpmPasswd = NULL;
 TSS_HCONTEXT hContext = 0;
 static inline TSS_RESULT tpmClearOwner(TSS_HTPM a_hTpm, BOOL a_bValue)
@@ -42,6 +43,7 @@ static void help(const char *aCmd)
 	logCmdHelp(aCmd);
 	logUnicodeCmdOption();
 	logCmdOption("-f, --force", _("Use physical presence authorization."));
 +	logCmdOption("-p, --password", _("TPM authorization data."));
 	logCmdOption("-z, --well-known",
 		     _("Use 20 bytes of zeros (TSS_WELL_KNOWN_SECRET) as the TPM secret authorization data"));
 }
@@ -54,6 +56,10 @@ static int parse(const int aOpt, const char *aArg)
 		logDebug(_("Changing mode to use force authorization\n"));
 		bValue = TRUE;
 		break;
 +	case 'p':
 +		logDebug(_("Setting password\n"));
 +		szTpmPasswd = strdup(aArg);
 +		break;
 	case 'z':
 		logDebug(_("Using TSS_WELL_KNOWN_SECRET to authorize the TPM command\n"));
 		isWellKnown = TRUE;
@@ -68,13 +74,13 @@ static int parse(const int aOpt, const char *aArg)
 int main(int argc, char **argv)
 {
 -	char *szTpmPasswd = NULL;
 	int pswd_len;
 	TSS_HTPM hTpm;
 	TSS_HPOLICY hTpmPolicy;
 	int iRc = -1;
 	struct option opts[] = {
 			{"force", no_argument, NULL, 'f'},
 +			{"pass", required_argument, NULL, 'p'},
 			{"well-known", no_argument, NULL, 'z'},
 	};
 	BYTE well_known[] = TSS_WELL_KNOWN_SECRET;
@@ -82,7 +88,7 @@ int main(int argc, char **argv)
         initIntlSys();
 	if (genericOptHandler
 -	    (argc, argv, "fz", opts, sizeof(opts) / sizeof(struct option),
 +	    (argc, argv, "fpz", opts, sizeof(opts) / sizeof(struct option),
 	     parse, help) != 0)
 		goto out;
@@ -99,12 +105,14 @@ int main(int argc, char **argv)
 		if (isWellKnown){
 			szTpmPasswd = (char *)well_known;
 			pswd_len = sizeof(well_known);
 -		}else{
 +		}else if (!szTpmPasswd){
 			szTpmPasswd = GETPASSWD(_("Enter owner password: "), &pswd_len, FALSE);
 			if (!szTpmPasswd) {
 				logMsg(_("Failed to get password\n"));
 				goto out_close;
 			}
 +		}else{
 +			pswd_len = strlen(szTpmPasswd);
 		}
 		if (policyGet(hTpm, &hTpmPolicy) != TSS_SUCCESS)
--- a/sdk_container/src/third_party/portage-stable/app-crypt/tpm-tools/tpm-tools-1.3.5-r2.ebuild
+++ b/sdk_container/src/third_party/portage-stable/app-crypt/tpm-tools/tpm-tools-1.3.5-r2.ebuild
@ -0,0 +1,48 @@
 # Copyright 1999-2011 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Header: /var/cvsroot/gentoo-x86/app-crypt/tpm-tools/tpm-tools-1.3.5-r1.ebuild,v 1.1 2011/03/31 22:19:40 flameeyes Exp $
 EAPI=4
 inherit autotools eutils flag-o-matic
 DESCRIPTION="TrouSerS' support tools for the Trusted Platform Modules"
 HOMEPAGE="http://trousers.sourceforge.net"
 SRC_URI="mirror://sourceforge/trousers/${P}.tar.gz"
 LICENSE="CPL-1.0"
 SLOT="0"
 KEYWORDS="~amd64 ~x86"
 IUSE="nls pkcs11 debug"
 COMMON_DEPEND="
 	>=app-crypt/trousers-0.3.0
 	dev-libs/openssl
 	pkcs11? ( dev-libs/opencryptoki )
 	"
 RDEPEND="${COMMON_DEPEND}
 	nls? ( virtual/libintl )"
 DEPEND="${COMMON_DEPEND}
 	nls? ( sys-devel/gettext )"
 src_prepare() {
 	sed -i -e "s/-Werror //" configure.in || die "Sed failed"
 	epatch "${FILESDIR}"/${PN}-1.3.1-gold.patch
 	epatch "${FILESDIR}"/${PN}-1.3.5-password.patch
 	eautoreconf
 }
 src_configure() {
 	local myconf="$(use_enable nls)"
 	# don't use --enable-pkcs11-support, configure is a mess.
 	use pkcs11 || myconf+=" --disable-pkcs11-support"
 	use debug && append-flags -DDEBUG || append-flags -DNDEBUG
 	econf ${myconf}
 }
 src_install() {
 	emake DESTDIR="${D}" install || die "emake install failed"
 	dodoc README
 }