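// Source: github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/go/tpm2/tpm2_apps/Endorsement/MakeEndorsementCert.go

// Copyright (c) 2014, Google, Inc.  All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

package main

import (
	"flag"
	"fmt"
	"log"

	"github.com/jlmucb/cloudproxy/go/tao"
)

// Command-line flags. Each value is passed unchanged to tao.HandleEndorsement
// by main; none of them is validated in this file.
var (
	// TODO(jlm): The assumption here is that the endorsement key is always an RSA key.
	// This is OK for now since TPM 1.2 can only have RSA keys and tao_tpm2 only supports
	// RSA keys but this should be specified by a flag.
	keySize = flag.Int("modulus_size", 2048, "Modulus size for keys")
	keyName = flag.String("endorsement_key_name",
		"JohnsHw", "endorsement key name")
	endorsementCertFile = flag.String("endorsement_save_file",
		"endorsement.cert.der", "endorsement save file")
	policyCertFile = flag.String("policy_cert_file",
		"policy.cert.go.der", "cert file")
	policyKeyFile = flag.String("policy_key_file", "policy.go.bin",
		"policy save file")
	// TODO(jlm): Should default be "xxx" below?
	// NOTE(review): a password supplied as a flag value sits in the process
	// argument list, where other local users can usually read it, and tends to
	// end up in shell history. The built-in default is a placeholder, not a
	// secret; a policy key protected only by it should be treated as
	// unprotected. Reading the password from a file or a prompt would avoid
	// both problems but changes the command-line interface, so it is left as
	// a follow-up.
	policyKeyPassword = flag.String("policy_key_password", "xxx",
		"policy key password")
	// TODO(jlm): Should this be "./policy_keys/"?
	policyKeyDir = flag.String("policy_key_dir", "./keys/", "Path to policy keys")
	// TODO(jlm): This should be policy key type.  Since we have a key file, we can actually tell
	// without this flag.
	policyKeyIsEcdsa = flag.Bool("policy_key_is_ecdsa", false, "Whether the policy key is a ECDSA key")
)

// This program makes the endorsement certificate given the Policy key.
//
// main parses the command-line flags, hands every flag value to
// tao.HandleEndorsement, and exits through log.Fatal if that call returns an
// error.
func main() {
	flag.Parse()

	// The policy key password is deliberately not echoed. Standard output is
	// routinely kept in terminal scrollback, build logs and redirected files,
	// which would leave the secret protecting the policy key readable long
	// after the run. Only non-secret settings are reported.
	fmt.Printf("Endorsement key name: %s, endorsement save file: %s\n",
		*keyName, *endorsementCertFile)

	if err := tao.HandleEndorsement(*keySize, *keyName, *endorsementCertFile, *policyCertFile,
		*policyKeyFile, *policyKeyPassword, *policyKeyDir, *policyKeyIsEcdsa); err != nil {
		log.Fatal(err)
	}
}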