github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/src/tpm2/SigningInstructions.cc (about) 1 #include <stdio.h> 2 #include <stdlib.h> 3 #include <sys/types.h> 4 #include <sys/stat.h> 5 #include <fcntl.h> 6 #include <unistd.h> 7 #include <string.h> 8 9 #include <openssl/rsa.h> 10 11 #include <tpm20.h> 12 #include <tpm2_lib.h> 13 #include <tpm2.pb.h> 14 #include <gflags/gflags.h> 15 16 // 17 // Copyright 2015 Google Corporation, All Rights Reserved. 18 // 19 // Licensed under the Apache License, Version 2.0 (the "License"); 20 // you may not use this file except in compliance with the License. 21 // You may obtain a copy of the License at 22 // http://www.apache.org/licenses/LICENSE-2.0 23 // or in the the file LICENSE-2.0.txt in the top level sourcedirectory 24 // Unless required by applicable law or agreed to in writing, software 25 // distributed under the License is distributed on an "AS IS" BASIS, 26 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 27 // See the License for the specific language governing permissions and 28 // limitations under the License 29 // 30 // Portions of this code were derived TPM2.0-TSS published 31 // by Intel under the license set forth in intel_license.txt 32 // and downloaded on or about August 6, 2015. 33 // Portions of this code were derived tboot published 34 // by Intel under the license set forth in intel_license.txt 35 // and downloaded on or about August 6, 2015. 36 // Portions of this code were derived from the crypto utility 37 // published by John Manferdelli under the Apache 2.0 license. 38 // See github.com/jlmucb/crypto. 39 // File: SigningInstructions.cc 40 41 42 // This program initializes the signing instructions. 
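// Calling sequence
//   SigningInstructions.exe
//      --issuer=name
//      --purpose=purpose
//      --isCA=[true|false]
//      --hash_alg=[sha1|sha256]
//      --duration=duration-in-seconds
//      --instructions_file=output-file
//      --can_sign=[true|false]
using std::string;

// Enables the dump of the assembled message to stdout in main().
#define DEBUG

// Usage text printed by PrintOptions(). Every option ends in a space so the
// options stay separated once the adjacent literals are concatenated.
#define CALLING_SEQUENCE "SigningInstructions.exe "\
"--issuer=name " \
"--purpose=purpose " \
"--isCA=[true|false] " \
"--hash_alg=[sha1|sha256] " \
"--duration=duration-in-seconds " \
"--can_sign=[true|false] " \
"--instructions_file=output-file\n"

// Prints the usage line to stdout.
void PrintOptions() {
  // Pass the text as an argument so it is never parsed as a format string.
  printf("%s", CALLING_SEQUENCE);
}

// Command-line flags; each one is copied into the signing instructions
// message by main().
DEFINE_string(issuer, "", "issuer name");
DEFINE_string(purpose, "critical: DigitalSignature, KeyEncipherment", "purpose");
// NOTE(review): sha1 stays the default so existing invocations keep their
// behavior. SHA-1 is no longer collision resistant; prefer
// --hash_alg=sha256 for new signing instructions. The value is not checked
// against the advertised [sha1|sha256] set here, so the consumer of the
// file has to reject anything else.
DEFINE_string(hash_alg, "sha1", "hash alg");
// Default is 31536000 seconds (365 days).
// NOTE(review): negative or zero durations are not rejected here -- confirm
// the consumer validates the field.
DEFINE_int64(duration, 31536000, "duration (in seconds)");
DEFINE_string(instructions_file, "signing_instructions", "output-file-name");
DEFINE_bool(isCA, false, "is CA");
DEFINE_bool(can_sign, true, "can sign");

// Namespace that holds the gflags entry points; overridable at build time.
#ifndef GFLAGS_NS
#define GFLAGS_NS google
#endif

#define MAXKEY_BUF 8192

// Builds a signing_instructions_message from the command-line flags,
// serializes it and writes the bytes to --instructions_file.
//
// Returns 0 on success and 1 when serialization or the file write fails.
int main(int an, char** av) {
  printf("\nSigningInstructions\n\n");

  GFLAGS_NS::ParseCommandLineFlags(&an, &av, true);

  signing_instructions_message message;
  message.set_issuer(FLAGS_issuer);
  message.set_duration(FLAGS_duration);
  message.set_purpose(FLAGS_purpose);
  message.set_hash_alg(FLAGS_hash_alg);
  // Take the value from --can_sign rather than a constant, so that
  // --can_sign=false really yields instructions without the signing right.
  message.set_can_sign(FLAGS_can_sign);
  message.set_isca(FLAGS_isCA);

  string output;
  if (!message.SerializeToString(&output)) {
    printf("Can't serialize output\n");
    return 1;
  }
#ifdef DEBUG
  printf("Signinginstructions: %s\n", message.DebugString().c_str());
#endif
  // NOTE(review): the mode of the created file is decided inside
  // WriteFileFromBlock, which is not visible here. The file steers what a
  // later signing step will issue, so confirm it is not writable by others.
  if (!WriteFileFromBlock(FLAGS_instructions_file, output.size(),
                          (byte*)output.data())) {
    printf("Can't write output file\n");
    return 1;
  }
  return 0;
}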