tpm-tools: add package

Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Armin Kuster <akuster808@gmail.com> 2016-04-10 22:09:47 -0700
committer: Armin Kuster <akuster808@gmail.com> 2016-04-23 08:03:42 -0700
commit: d1e8ef4b294672813e142734c0c31377a43fe532 (patch)
tree: 7731ed462252688a30066be696fd9cf4122e03fa
parent: f2f70c2de96c6ba6f120c249833d22b8776f58a9 (diff)
download: meta-security-d1e8ef4b294672813e142734c0c31377a43fe532.tar.gz
3 files changed, 296 insertions, 0 deletions
diff --git a/recipes-tpm/tpm-tools/tpm-tools-1.3.8/03-fix-bool-error-parseStringWithValues.patch b/recipes-tpm/tpm-tools/tpm-tools-1.3.8/03-fix-bool-error-parseStringWithValues.patch
new file mode 100644
index 0000000..9497e89
--- /dev/null
+++ b/recipes-tpm/tpm-tools/tpm-tools-1.3.8/03-fix-bool-error-parseStringWithValues.patch
@@ -0,0 +1,30 @@
+Title: Fix boolean comparison error (and FTBFS with gcc-5)
+Date: 2015-06-28
+Author: Pierre Chifflier <pollux@debian.org>
+Bug-Debian: http://bugs.debian.org/778147
+Index: tpm-tools/src/tpm_mgmt/tpm_nvcommon.c
+===================================================================
+--- tpm-tools.orig/src/tpm_mgmt/tpm_nvcommon.c
+++ tpm-tools/src/tpm_mgmt/tpm_nvcommon.c
+@@ -140,8 +140,8 @@ int parseStringWithValues(const char *aA
+                                                 aArg);
+                                        return -1;
+                                }
+-                               if (!aArg[offset+numbytes] == '|' &&
+-                                   !aArg[offset+numbytes] == 0) {
+                               if (!(aArg[offset+numbytes] == '|' ||
+                                     aArg[offset+numbytes] == 0)) {
+                                        logError(_("Illegal character following "
+                                                    "hexadecimal number in %s\n"),
+                                                 aArg + offset);
+@@ -164,8 +164,8 @@ int parseStringWithValues(const char *aA
+                                return -1;
+                        }
+ 
+-                       if (!aArg[offset+numbytes] == '|' &&
+-                           !aArg[offset+numbytes] == 0) {
+                       if (!(aArg[offset+numbytes] == '|' ||
+                             aArg[offset+numbytes] == 0)) {
+                                logError(_("Illegal character following decimal "
+                                           "number in %s\n"),
+                                         aArg + offset);
diff --git a/recipes-tpm/tpm-tools/tpm-tools-1.3.8/tpm-tools-extendpcr.patch b/recipes-tpm/tpm-tools/tpm-tools-1.3.8/tpm-tools-extendpcr.patch
new file mode 100644
index 0000000..ab5e683
--- /dev/null
+++ b/recipes-tpm/tpm-tools/tpm-tools-1.3.8/tpm-tools-extendpcr.patch
@@ -0,0 +1,244 @@
+Index: tpm-tools-1.3.8/include/tpm_tspi.h
+===================================================================
+--- tpm-tools-1.3.8.orig/include/tpm_tspi.h     2011-08-17 08:20:35.000000000 -0400
+++ tpm-tools-1.3.8/include/tpm_tspi.h  2013-01-05 23:26:31.571598217 -0500
+@@ -117,6 +117,10 @@
+                        UINT32 *a_PcrSize, BYTE **a_PcrValue);
+ TSS_RESULT pcrcompositeSetPcrValue(TSS_HPCRS a_hPcrs, UINT32 a_Idx,
+                                        UINT32 a_PcrSize, BYTE *a_PcrValue);
+TSS_RESULT tpmPcrExtend(TSS_HTPM a_hTpm, UINT32 a_Idx,
+                       UINT32 a_DataSize, BYTE *a_Data,
+                       TSS_PCR_EVENT *a_Event,
+                       UINT32 *a_PcrSize, BYTE **a_PcrValue);
+ #ifdef TSS_LIB_IS_12
+ TSS_RESULT unloadVersionInfo(UINT64 *offset, BYTE *blob, TPM_CAP_VERSION_INFO *v);
+ TSS_RESULT pcrcompositeSetPcrLocality(TSS_HPCRS a_hPcrs, UINT32 localityValue);
+Index: tpm-tools-1.3.8/lib/tpm_tspi.c
+===================================================================
+--- tpm-tools-1.3.8.orig/lib/tpm_tspi.c 2011-08-17 08:20:35.000000000 -0400
+++ tpm-tools-1.3.8/lib/tpm_tspi.c      2013-01-05 23:27:37.731593490 -0500
+@@ -594,6 +594,20 @@
+        return result;
+ }
+ 
+TSS_RESULT
+tpmPcrExtend(TSS_HTPM a_hTpm, UINT32 a_Idx,
+               UINT32 a_DataSize, BYTE *a_Data,
+               TSS_PCR_EVENT *a_Event,
+               UINT32 *a_PcrSize, BYTE **a_PcrValue)
+{
+       TSS_RESULT result =
+               Tspi_TPM_PcrExtend(a_hTpm, a_Idx, a_DataSize, a_Data, a_Event,
+                                  a_PcrSize, a_PcrValue);
+       tspiResult("Tspi_TPM_PcrExtend", result);
+
+       return result;
+}
+
+ #ifdef TSS_LIB_IS_12
+ /*
+  * These getPasswd functions will wrap calls to the other functions and check to see if the TSS
+Index: tpm-tools-1.3.8/src/cmds/Makefile.am
+===================================================================
+--- tpm-tools-1.3.8.orig/src/cmds/Makefile.am   2011-08-15 13:52:08.000000000 -0400
+++ tpm-tools-1.3.8/src/cmds/Makefile.am        2013-01-05 23:30:46.223593698 -0500
+@@ -22,6 +22,7 @@
+ #
+ 
+ bin_PROGRAMS   =       tpm_sealdata \
+                       tpm_extendpcr \
+                        tpm_unsealdata
+ 
+ if TSS_LIB_IS_12
+@@ -33,4 +34,5 @@
+ LDADD          =       $(top_builddir)/lib/libtpm_tspi.la -ltspi $(top_builddir)/lib/libtpm_unseal.la -ltpm_unseal -lcrypto
+ 
+ tpm_sealdata_SOURCES = tpm_sealdata.c
+tpm_extendpcr_SOURCES = tpm_extendpcr.c
+ tpm_unsealdata_SOURCES = tpm_unsealdata.c
+Index: tpm-tools-1.3.8/src/cmds/tpm_extendpcr.c
+===================================================================
+--- /dev/null   1970-01-01 00:00:00.000000000 +0000
+++ tpm-tools-1.3.8/src/cmds/tpm_extendpcr.c    2013-01-05 23:37:43.403585514 -0500
+@@ -0,0 +1,181 @@
+/*
+ * The Initial Developer of the Original Code is International
+ * Business Machines Corporation. Portions created by IBM
+ * Corporation are Copyright (C) 2005, 2006 International Business
+ * Machines Corporation. All Rights Reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the Common Public License as published by
+ * IBM Corporation; either version 1 of the License, or (at your option)
+ * any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * Common Public License for more details.
+ *
+ * You should have received a copy of the Common Public License
+ * along with this program; if not, a copy can be viewed at
+ * http://www.opensource.org/licenses/cpl1.0.php.
+ */
+#include <openssl/evp.h>
+#include <openssl/sha.h>
+#include <limits.h>
+#include "tpm_tspi.h"
+#include "tpm_utils.h"
+#include "tpm_seal.h"
+
+// #define TPM_EXTENDPCR_DEBUG
+
+static void help(const char *aCmd)
+{
+       logCmdHelp(aCmd);
+       logCmdOption("-i, --infile FILE",
+                    _
+                    ("Filename containing data to extend PCRs with. Default is STDIN."));
+       logCmdOption("-p, --pcr NUMBER",
+                    _("PCR to extend."));
+
+}
+
+static char in_filename[PATH_MAX] = "";
+static TSS_HPCRS hPcrs = NULL_HPCRS;
+static TSS_HTPM hTpm;
+static UINT32 selectedPcrs[24];
+static UINT32 selectedPcrsLen = 0;
+TSS_HCONTEXT hContext = 0;
+
+static int parse(const int aOpt, const char *aArg)
+{
+       int rc = -1;
+
+       switch (aOpt) {
+       case 'i':
+               if (aArg) {
+                       strncpy(in_filename, aArg, PATH_MAX);
+                       rc = 0;
+               }
+               break;
+       case 'p':
+               if (aArg) {
+                       selectedPcrs[selectedPcrsLen++] = atoi(aArg);
+                       rc = 0;
+               }
+               break;
+       default:
+               break;
+       }
+       return rc;
+
+}
+
+int main(int argc, char **argv)
+{
+
+       int iRc = -1;
+       struct option opts[] = {
+               {"infile", required_argument, NULL, 'i'},
+               {"pcr", required_argument, NULL, 'p'},
+       };
+       unsigned char line[EVP_MD_block_size(EVP_sha1()) * 16];
+       int lineLen;
+       UINT32 i;
+
+       BIO *bin = NULL;
+
+       initIntlSys();
+
+       if (genericOptHandler(argc, argv, "i:p:", opts,
+                             sizeof(opts) / sizeof(struct option), parse,
+                             help) != 0)
+               goto out;
+
+       if (contextCreate(&hContext) != TSS_SUCCESS)
+               goto out;
+
+       if (contextConnect(hContext) != TSS_SUCCESS)
+               goto out_close;
+
+       if (contextGetTpm(hContext, &hTpm) != TSS_SUCCESS)
+               goto out_close;
+
+       /* Create a BIO for the input file */
+       if ((bin = BIO_new(BIO_s_file())) == NULL) {
+               logError(_("Unable to open input BIO\n"));
+               goto out_close;
+       }
+
+       /* Assign the input file to the BIO */
+       if (strlen(in_filename) == 0) 
+               BIO_set_fp(bin, stdin, BIO_NOCLOSE);
+       else if (!BIO_read_filename(bin, in_filename)) {
+               logError(_("Unable to open input file: %s\n"),
+                        in_filename);
+               goto out_close;
+       }
+
+       /* Create the PCRs object. If any PCRs above 15 are selected, this will need to be
+        * a 1.2 TSS/TPM */
+       if (selectedPcrsLen) {
+               TSS_FLAG initFlag = 0;
+               UINT32 pcrSize;
+               BYTE *pcrValue;
+
+               for (i = 0; i < selectedPcrsLen; i++) {
+                       if (selectedPcrs[i] > 15) {
+#ifdef TSS_LIB_IS_12
+                               initFlag |= TSS_PCRS_STRUCT_INFO_LONG;
+#else
+                               logError(_("This version of %s was compiled for a v1.1 TSS, which "
+                                        "can only seal\n data to PCRs 0-15. PCR %u is out of range"
+                                        "\n"), argv[0], selectedPcrs[i]);
+                               goto out_close;
+#endif
+                       }
+               }
+
+               unsigned char msg[EVP_MAX_MD_SIZE];
+               unsigned int msglen;
+               EVP_MD_CTX ctx;
+               EVP_DigestInit(&ctx, EVP_sha1());
+               while ((lineLen = BIO_read(bin, line, sizeof(line))) > 0)
+                       EVP_DigestUpdate(&ctx, line, lineLen);
+               EVP_DigestFinal(&ctx, msg, &msglen);
+
+               if (contextCreateObject(hContext, TSS_OBJECT_TYPE_PCRS, initFlag,
+                                       &hPcrs) != TSS_SUCCESS)
+                       goto out_close;
+
+               for (i = 0; i < selectedPcrsLen; i++) {
+#ifdef TPM_EXTENDPCR_DEBUG
+                       if (tpmPcrRead(hTpm, selectedPcrs[i], &pcrSize, &pcrValue) != TSS_SUCCESS)
+                               goto out_close;
+
+                       unsigned int j;
+                       for (j = 0; j < pcrSize; j++)
+                         printf("%02X ", pcrValue[j]);
+                       printf("\n");
+#endif
+                       
+                       if (tpmPcrExtend(hTpm, selectedPcrs[i], msglen, msg, NULL, &pcrSize, &pcrValue) != TSS_SUCCESS)
+                         goto out_close;
+
+#ifdef TPM_EXTENDPCR_DEBUG
+                       for (j = 0; j < pcrSize; j++)
+                         printf("%02X ", pcrValue[j]);
+                       printf("\n");
+#endif
+               }
+       }
+
+       iRc = 0;
+       logSuccess(argv[0]);
+
+out_close:
+       contextClose(hContext);
+
+out:
+       if (bin)
+               BIO_free(bin);
+       return iRc;
+}
diff --git a/recipes-tpm/tpm-tools/tpm-tools_1.3.8.bb b/recipes-tpm/tpm-tools/tpm-tools_1.3.8.bb
new file mode 100644
index 0000000..5645976
--- /dev/null
+++ b/recipes-tpm/tpm-tools/tpm-tools_1.3.8.bb
@@ -0,0 +1,22 @@
+SUMMARY = "The tpm-tools package contains commands to allow the platform administrator the ability to manage and diagnose the platform's TPM."
+DESCRIPTION = " \
+  The tpm-tools package contains commands to allow the platform administrator \
+  the ability to manage and diagnose the platform's TPM.  Additionally, the \
+  package contains commands to utilize some of the capabilities available \
+  in the TPM PKCS#11 interface implemented in the openCryptoki project. \
+  "
+SECTION = "tpm"
+LICENSE = "CPL-1.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=059e8cd6165cb4c31e351f2b69388fd9"
+DEPENDS = "libtspi openssl"
+SRC_URI += " \
+    http://downloads.sourceforge.net/project/trousers/${BPN}/${PV}/${BP}.tar.gz \
+    file://tpm-tools-extendpcr.patch \
+    file://03-fix-bool-error-parseStringWithValues.patch \
+"
+SRC_URI[md5sum] = "85a978c4e03fefd4b73cbeadde7c4d0b"
+SRC_URI[sha256sum] = "66eb4ff095542403db6b4bd4b574e8a5c08084fe4e9e5aa9a829ee84e20bea83"
+inherit autotools gettext
author	Armin Kuster <akuster808@gmail.com>	2016-04-10 22:09:47 -0700
committer	Armin Kuster <akuster808@gmail.com>	2016-04-23 08:03:42 -0700
commit	d1e8ef4b294672813e142734c0c31377a43fe532 (patch)
tree	7731ed462252688a30066be696fd9cf4122e03fa
parent	f2f70c2de96c6ba6f120c249833d22b8776f58a9 (diff)
download	meta-security-d1e8ef4b294672813e142734c0c31377a43fe532.tar.gz

diff --git a/recipes-tpm/tpm-tools/tpm-tools-1.3.8/03-fix-bool-error-parseStringWithValues.patch b/recipes-tpm/tpm-tools/tpm-tools-1.3.8/03-fix-bool-error-parseStringWithValues.patch new file mode 100644 index 0000000..9497e89 --- /dev/null +++ b/recipes-tpm/tpm-tools/tpm-tools-1.3.8/03-fix-bool-error-parseStringWithValues.patch
@@ -0,0 +1,30 @@
	1	Title: Fix boolean comparison error (and FTBFS with gcc-5)
	2	Date: 2015-06-28
	3	Author: Pierre Chifflier <pollux@debian.org>
	4	Bug-Debian: http://bugs.debian.org/778147
	5	Index: tpm-tools/src/tpm_mgmt/tpm_nvcommon.c
	6	===================================================================
	7	--- tpm-tools.orig/src/tpm_mgmt/tpm_nvcommon.c
	8	+++ tpm-tools/src/tpm_mgmt/tpm_nvcommon.c
	9	@@ -140,8 +140,8 @@ int parseStringWithValues(const char *aA
	10	aArg);
	11	return -1;
	12	}
	13	- if (!aArg[offset+numbytes] == '\|' &&
	14	- !aArg[offset+numbytes] == 0) {
	15	+ if (!(aArg[offset+numbytes] == '\|' \|\|
	16	+ aArg[offset+numbytes] == 0)) {
	17	logError(_("Illegal character following "
	18	"hexadecimal number in %s\n"),
	19	aArg + offset);
	20	@@ -164,8 +164,8 @@ int parseStringWithValues(const char *aA
	21	return -1;
	22	}
	23
	24	- if (!aArg[offset+numbytes] == '\|' &&
	25	- !aArg[offset+numbytes] == 0) {
	26	+ if (!(aArg[offset+numbytes] == '\|' \|\|
	27	+ aArg[offset+numbytes] == 0)) {
	28	logError(_("Illegal character following decimal "
	29	"number in %s\n"),
	30	aArg + offset);


diff --git a/recipes-tpm/tpm-tools/tpm-tools-1.3.8/tpm-tools-extendpcr.patch b/recipes-tpm/tpm-tools/tpm-tools-1.3.8/tpm-tools-extendpcr.patch new file mode 100644 index 0000000..ab5e683 --- /dev/null +++ b/recipes-tpm/tpm-tools/tpm-tools-1.3.8/tpm-tools-extendpcr.patch
@@ -0,0 +1,244 @@
	1	Index: tpm-tools-1.3.8/include/tpm_tspi.h
	2	===================================================================
	3	--- tpm-tools-1.3.8.orig/include/tpm_tspi.h 2011-08-17 08:20:35.000000000 -0400
	4	+++ tpm-tools-1.3.8/include/tpm_tspi.h 2013-01-05 23:26:31.571598217 -0500
	5	@@ -117,6 +117,10 @@
	6	UINT32 a_PcrSize, BYTE *a_PcrValue);
	7	TSS_RESULT pcrcompositeSetPcrValue(TSS_HPCRS a_hPcrs, UINT32 a_Idx,
	8	UINT32 a_PcrSize, BYTE *a_PcrValue);
	9	+TSS_RESULT tpmPcrExtend(TSS_HTPM a_hTpm, UINT32 a_Idx,
	10	+ UINT32 a_DataSize, BYTE *a_Data,
	11	+ TSS_PCR_EVENT *a_Event,
	12	+ UINT32 a_PcrSize, BYTE *a_PcrValue);
	13	#ifdef TSS_LIB_IS_12
	14	TSS_RESULT unloadVersionInfo(UINT64 offset, BYTE blob, TPM_CAP_VERSION_INFO *v);
	15	TSS_RESULT pcrcompositeSetPcrLocality(TSS_HPCRS a_hPcrs, UINT32 localityValue);
	16	Index: tpm-tools-1.3.8/lib/tpm_tspi.c
	17	===================================================================
	18	--- tpm-tools-1.3.8.orig/lib/tpm_tspi.c 2011-08-17 08:20:35.000000000 -0400
	19	+++ tpm-tools-1.3.8/lib/tpm_tspi.c 2013-01-05 23:27:37.731593490 -0500
	20	@@ -594,6 +594,20 @@
	21	return result;
	22	}
	23
	24	+TSS_RESULT
	25	+tpmPcrExtend(TSS_HTPM a_hTpm, UINT32 a_Idx,
	26	+ UINT32 a_DataSize, BYTE *a_Data,
	27	+ TSS_PCR_EVENT *a_Event,
	28	+ UINT32 a_PcrSize, BYTE *a_PcrValue)
	29	+{
	30	+ TSS_RESULT result =
	31	+ Tspi_TPM_PcrExtend(a_hTpm, a_Idx, a_DataSize, a_Data, a_Event,
	32	+ a_PcrSize, a_PcrValue);
	33	+ tspiResult("Tspi_TPM_PcrExtend", result);
	34	+
	35	+ return result;
	36	+}
	37	+
	38	#ifdef TSS_LIB_IS_12
	39	/*
	40	* These getPasswd functions will wrap calls to the other functions and check to see if the TSS
	41	Index: tpm-tools-1.3.8/src/cmds/Makefile.am
	42	===================================================================
	43	--- tpm-tools-1.3.8.orig/src/cmds/Makefile.am 2011-08-15 13:52:08.000000000 -0400
	44	+++ tpm-tools-1.3.8/src/cmds/Makefile.am 2013-01-05 23:30:46.223593698 -0500
	45	@@ -22,6 +22,7 @@
	46	#
	47
	48	bin_PROGRAMS = tpm_sealdata \
	49	+ tpm_extendpcr \
	50	tpm_unsealdata
	51
	52	if TSS_LIB_IS_12
	53	@@ -33,4 +34,5 @@
	54	LDADD = $(top_builddir)/lib/libtpm_tspi.la -ltspi $(top_builddir)/lib/libtpm_unseal.la -ltpm_unseal -lcrypto
	55
	56	tpm_sealdata_SOURCES = tpm_sealdata.c
	57	+tpm_extendpcr_SOURCES = tpm_extendpcr.c
	58	tpm_unsealdata_SOURCES = tpm_unsealdata.c
	59	Index: tpm-tools-1.3.8/src/cmds/tpm_extendpcr.c
	60	===================================================================
	61	--- /dev/null 1970-01-01 00:00:00.000000000 +0000
	62	+++ tpm-tools-1.3.8/src/cmds/tpm_extendpcr.c 2013-01-05 23:37:43.403585514 -0500
	63	@@ -0,0 +1,181 @@
	64	+/*
	65	+ * The Initial Developer of the Original Code is International
	66	+ * Business Machines Corporation. Portions created by IBM
	67	+ * Corporation are Copyright (C) 2005, 2006 International Business
	68	+ * Machines Corporation. All Rights Reserved.
	69	+ *
	70	+ * This program is free software; you can redistribute it and/or modify
	71	+ * it under the terms of the Common Public License as published by
	72	+ * IBM Corporation; either version 1 of the License, or (at your option)
	73	+ * any later version.
	74	+ *
	75	+ * This program is distributed in the hope that it will be useful,
	76	+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
	77	+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	78	+ * Common Public License for more details.
	79	+ *
	80	+ * You should have received a copy of the Common Public License
	81	+ * along with this program; if not, a copy can be viewed at
	82	+ * http://www.opensource.org/licenses/cpl1.0.php.
	83	+ */
	84	+#include <openssl/evp.h>
	85	+#include <openssl/sha.h>
	86	+#include <limits.h>
	87	+#include "tpm_tspi.h"
	88	+#include "tpm_utils.h"
	89	+#include "tpm_seal.h"
	90	+
	91	+// #define TPM_EXTENDPCR_DEBUG
	92	+
	93	+static void help(const char *aCmd)
	94	+{
	95	+ logCmdHelp(aCmd);
	96	+ logCmdOption("-i, --infile FILE",
	97	+ _
	98	+ ("Filename containing data to extend PCRs with. Default is STDIN."));
	99	+ logCmdOption("-p, --pcr NUMBER",
	100	+ _("PCR to extend."));
	101	+
	102	+}
	103	+
	104	+static char in_filename[PATH_MAX] = "";
	105	+static TSS_HPCRS hPcrs = NULL_HPCRS;
	106	+static TSS_HTPM hTpm;
	107	+static UINT32 selectedPcrs[24];
	108	+static UINT32 selectedPcrsLen = 0;
	109	+TSS_HCONTEXT hContext = 0;
	110	+
	111	+static int parse(const int aOpt, const char *aArg)
	112	+{
	113	+ int rc = -1;
	114	+
	115	+ switch (aOpt) {
	116	+ case 'i':
	117	+ if (aArg) {
	118	+ strncpy(in_filename, aArg, PATH_MAX);
	119	+ rc = 0;
	120	+ }
	121	+ break;
	122	+ case 'p':
	123	+ if (aArg) {
	124	+ selectedPcrs[selectedPcrsLen++] = atoi(aArg);
	125	+ rc = 0;
	126	+ }
	127	+ break;
	128	+ default:
	129	+ break;
	130	+ }
	131	+ return rc;
	132	+
	133	+}
	134	+
	135	+int main(int argc, char **argv)
	136	+{
	137	+
	138	+ int iRc = -1;
	139	+ struct option opts[] = {
	140	+ {"infile", required_argument, NULL, 'i'},
	141	+ {"pcr", required_argument, NULL, 'p'},
	142	+ };
	143	+ unsigned char line[EVP_MD_block_size(EVP_sha1()) * 16];
	144	+ int lineLen;
	145	+ UINT32 i;
	146	+
	147	+ BIO *bin = NULL;
	148	+
	149	+ initIntlSys();
	150	+
	151	+ if (genericOptHandler(argc, argv, "i:p:", opts,
	152	+ sizeof(opts) / sizeof(struct option), parse,
	153	+ help) != 0)
	154	+ goto out;
	155	+
	156	+ if (contextCreate(&hContext) != TSS_SUCCESS)
	157	+ goto out;
	158	+
	159	+ if (contextConnect(hContext) != TSS_SUCCESS)
	160	+ goto out_close;
	161	+
	162	+ if (contextGetTpm(hContext, &hTpm) != TSS_SUCCESS)
	163	+ goto out_close;
	164	+
	165	+ /* Create a BIO for the input file */
	166	+ if ((bin = BIO_new(BIO_s_file())) == NULL) {
	167	+ logError(_("Unable to open input BIO\n"));
	168	+ goto out_close;
	169	+ }
	170	+
	171	+ /* Assign the input file to the BIO */
	172	+ if (strlen(in_filename) == 0)
	173	+ BIO_set_fp(bin, stdin, BIO_NOCLOSE);
	174	+ else if (!BIO_read_filename(bin, in_filename)) {
	175	+ logError(_("Unable to open input file: %s\n"),
	176	+ in_filename);
	177	+ goto out_close;
	178	+ }
	179	+
	180	+ /* Create the PCRs object. If any PCRs above 15 are selected, this will need to be
	181	+ * a 1.2 TSS/TPM */
	182	+ if (selectedPcrsLen) {
	183	+ TSS_FLAG initFlag = 0;
	184	+ UINT32 pcrSize;
	185	+ BYTE *pcrValue;
	186	+
	187	+ for (i = 0; i < selectedPcrsLen; i++) {
	188	+ if (selectedPcrs[i] > 15) {
	189	+#ifdef TSS_LIB_IS_12
	190	+ initFlag \|= TSS_PCRS_STRUCT_INFO_LONG;
	191	+#else
	192	+ logError(_("This version of %s was compiled for a v1.1 TSS, which "
	193	+ "can only seal\n data to PCRs 0-15. PCR %u is out of range"
	194	+ "\n"), argv[0], selectedPcrs[i]);
	195	+ goto out_close;
	196	+#endif
	197	+ }
	198	+ }
	199	+
	200	+ unsigned char msg[EVP_MAX_MD_SIZE];
	201	+ unsigned int msglen;
	202	+ EVP_MD_CTX ctx;
	203	+ EVP_DigestInit(&ctx, EVP_sha1());
	204	+ while ((lineLen = BIO_read(bin, line, sizeof(line))) > 0)
	205	+ EVP_DigestUpdate(&ctx, line, lineLen);
	206	+ EVP_DigestFinal(&ctx, msg, &msglen);
	207	+
	208	+ if (contextCreateObject(hContext, TSS_OBJECT_TYPE_PCRS, initFlag,
	209	+ &hPcrs) != TSS_SUCCESS)
	210	+ goto out_close;
	211	+
	212	+ for (i = 0; i < selectedPcrsLen; i++) {
	213	+#ifdef TPM_EXTENDPCR_DEBUG
	214	+ if (tpmPcrRead(hTpm, selectedPcrs[i], &pcrSize, &pcrValue) != TSS_SUCCESS)
	215	+ goto out_close;
	216	+
	217	+ unsigned int j;
	218	+ for (j = 0; j < pcrSize; j++)
	219	+ printf("%02X ", pcrValue[j]);
	220	+ printf("\n");
	221	+#endif
	222	+
	223	+ if (tpmPcrExtend(hTpm, selectedPcrs[i], msglen, msg, NULL, &pcrSize, &pcrValue) != TSS_SUCCESS)
	224	+ goto out_close;
	225	+
	226	+#ifdef TPM_EXTENDPCR_DEBUG
	227	+ for (j = 0; j < pcrSize; j++)
	228	+ printf("%02X ", pcrValue[j]);
	229	+ printf("\n");
	230	+#endif
	231	+ }
	232	+ }
	233	+
	234	+ iRc = 0;
	235	+ logSuccess(argv[0]);
	236	+
	237	+out_close:
	238	+ contextClose(hContext);
	239	+
	240	+out:
	241	+ if (bin)
	242	+ BIO_free(bin);
	243	+ return iRc;
	244	+}


diff --git a/recipes-tpm/tpm-tools/tpm-tools_1.3.8.bb b/recipes-tpm/tpm-tools/tpm-tools_1.3.8.bb new file mode 100644 index 0000000..5645976 --- /dev/null +++ b/recipes-tpm/tpm-tools/tpm-tools_1.3.8.bb
@@ -0,0 +1,22 @@
	1	SUMMARY = "The tpm-tools package contains commands to allow the platform administrator the ability to manage and diagnose the platform's TPM."
	2	DESCRIPTION = " \
	3	The tpm-tools package contains commands to allow the platform administrator \
	4	the ability to manage and diagnose the platform's TPM. Additionally, the \
	5	package contains commands to utilize some of the capabilities available \
	6	in the TPM PKCS#11 interface implemented in the openCryptoki project. \
	7	"
	8	SECTION = "tpm"
	9	LICENSE = "CPL-1.0"
	10	LIC_FILES_CHKSUM = "file://LICENSE;md5=059e8cd6165cb4c31e351f2b69388fd9"
	11	DEPENDS = "libtspi openssl"
	12
	13	SRC_URI += " \
	14	http://downloads.sourceforge.net/project/trousers/${BPN}/${PV}/${BP}.tar.gz \
	15	file://tpm-tools-extendpcr.patch \
	16	file://03-fix-bool-error-parseStringWithValues.patch \
	17	"
	18
	19	SRC_URI[md5sum] = "85a978c4e03fefd4b73cbeadde7c4d0b"
	20	SRC_URI[sha256sum] = "66eb4ff095542403db6b4bd4b574e8a5c08084fe4e9e5aa9a829ee84e20bea83"
	21
	22	inherit autotools gettext