Add option to provide password to import tool 09/63909/6
authorKiran Kamineni <kiran.k.kamineni@intel.com>
Thu, 30 Aug 2018 22:41:16 +0000 (15:41 -0700)
committerKiran Kamineni <kiran.k.kamineni@intel.com>
Tue, 4 Sep 2018 18:21:30 +0000 (11:21 -0700)
Add -password command line argument to take the
primary key password to import keys.

Issue-ID: AAF-464
Change-Id: I68b87139405427d065883ffe714e1072d3e987df
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
tpm-util/import/main.c

index c498f6c..8f66fd6 100644 (file)
 //
 
 #include <stdio.h>
-#include <stdlib.h>   
+#include <stdlib.h>
 #include <string.h>
-#include <unistd.h>  
+#include <unistd.h>
 
 #include <sapi/tpm20.h>
 
-#include "tpm_wrapper.h" 
-#include "util.h" 
-
-char* tpm_pwd = "";
-int tpm_pwd_len = 0;
+#include "tpm_wrapper.h"
+#include "util.h"
 
 void PrintHelp();
 char version[] = "0.1";
@@ -37,10 +34,11 @@ char version[] = "0.1";
 void PrintHelp()
 {
     printf(
-            "OSSL key to tpm import tool, Version %s\nUsage:" 
-            "./ossl_tpm_import " 
-            "[-dupPub out_dupPubFile] [-dupPriv out_dupPrivFile] [-dupSymSeed out_dupSymSeedFile] [-dupEncKey out_dupEncKeyFile]" 
-            "[-pub out_keyPub] [-priv out_KeyPriv]\n"
+            "OSSL key to tpm import tool, Version %s\nUsage:"
+            "./ossl_tpm_import "
+            "[-dupPub out_dupPubFile] [-dupPriv out_dupPrivFile] [-dupSymSeed out_dupSymSeedFile] "
+            "[-dupEncKey out_dupEncKeyFile] [-password keyPassword] "
+            "[-pub out_keyPub] [-priv out_KeyPriv] [-H primaryKeyHandle]\n"
                        "\n"
                         , version);
 }
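Review bot: The usage string now advertises `[-password keyPassword]` without saying that a password given on the command line is readable by other local users through the process list and usually ends up in shell history. I would add a help line such as `"  -password  primary key password (visible in process listings; empty if omitted)\n"`. It is also worth accepting the secret from a file or an environment variable, so callers are not forced to put it in argv. The empty default is inferred from `char keyPassword[256] = {0};` in the declarations hunk.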
@@ -61,10 +59,11 @@ int main(int argc, char* argv[])
     int dupSymSeed_flag = 0;
     char dupEncKey_Filename[256];
     int dupEncKey_flag = 0;
-    TPM2B_DATA encryptionKey; 
-    TPM2B_PUBLIC swKeyPublic; 
-    TPM2B_PRIVATE swKeyPrivate; 
-    TPM2B_ENCRYPTED_SECRET encSymSeed; 
+    char keyPassword[256] = {0};
+    TPM2B_DATA encryptionKey;
+    TPM2B_PUBLIC swKeyPublic;
+    TPM2B_PRIVATE swKeyPrivate;
+    TPM2B_ENCRYPTED_SECRET encSymSeed;
 
     // SW Key Import O/P variables
     char pub_Filename[256];
@@ -128,6 +127,15 @@ int main(int argc, char* argv[])
                 }
                 dupEncKey_flag = 1;
             }
+            else if( 0 == strcmp( argv[count], "-password" ) ) {
+                count++;
+                // Read no more than a fixed length of characters
+                if ( (1 != sscanf(argv[count], "%255s", keyPassword )) )
+                {
+                    PrintHelp();
+                    return 1;
+                }
+            }
             else if( 0 == strcmp( argv[count], "-pub" ) ) {
                 count++;
                 if( (1 != sscanf( argv[count], "%s", pub_Filename )) )
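Review bot: `count++` is followed directly by `sscanf(argv[count], ...)`, so when `-password` is the last argument `argv[count]` is the terminating NULL pointer and the call is undefined behaviour, unless the enclosing loop (outside this hunk) already guarantees a following argument. `%255s` also stops at the first whitespace and silently truncates anything longer than 255 characters, so such a password is quietly altered and the import later fails with an authorisation error instead of a usage error. I would replace the scan with `if (count >= argc || strlen(argv[count]) >= sizeof(keyPassword)) { PrintHelp(); return 1; }` followed by `strcpy(keyPassword, argv[count]);`. The `-pub` branch kept as context still scans with an unbounded `%s` into the 256-byte `pub_Filename` and deserves the same bound.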
@@ -170,11 +178,11 @@ int main(int argc, char* argv[])
 
     // For TPM Import functionality, check all input params are present
     if( (!dupPub_flag) ||
-                (!dupPriv_flag) ||
-                (!dupSymSeed_flag) ||
-                (!dupEncKey_flag) ||
-                (!pub_flag) ||
-                (!priv_flag)
+        (!dupPriv_flag) ||
+        (!dupSymSeed_flag) ||
+        (!dupEncKey_flag) ||
+        (!pub_flag) ||
+        (!priv_flag)
         ) {
         printf("Error: One or more Inputs for TPM import functionality is missing ! \n");
         return -1;
@@ -215,9 +223,9 @@ int main(int argc, char* argv[])
 
         TPM2B_PRIVATE importPrivate;
         INIT_SIMPLE_TPM2B_SIZE(importPrivate);
-        rval = swKeyTpmImport(sysContext, primaryKeyHandle, 
-                &encryptionKey, &swKeyPublic, &swKeyPrivate, &encSymSeed, 
-                tpm_pwd, tpm_pwd_len, 
+        rval = swKeyTpmImport(sysContext, primaryKeyHandle,
+                &encryptionKey, &swKeyPublic, &swKeyPrivate, &encSymSeed,
+                keyPassword, strlen(keyPassword),
                 &importPrivate);
         if(rval != 0) {
             printf("\nswKeyTpmImport failed: 0x%x ! \n", rval);
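Review bot: `keyPassword` is handed to `swKeyTpmImport` and then left intact on the stack for the rest of `main`; nothing in the visible hunks clears it on the success or the failure path. The secret is not needed once the import call has returned, so I would wipe it right after the call with a store the compiler cannot elide, e.g. `explicit_bzero(keyPassword, sizeof(keyPassword));` where the platform provides it, rather than a plain `memset`. `strlen` returns `size_t` whereas the removed `tpm_pwd_len` was an `int`; the prototype is not visible here, so a cast matching the parameter type would make the narrowing explicit. The body of `main` continues outside this hunk.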
@@ -241,4 +249,3 @@ end:
 
     return rval;
 }
-