示例#1
0
文件: tpm.c 项目: randombit/hacrypto
/**
 * gnutls_tpm_privkey_delete:
 * @url: the URL describing the key
 * @srk_password: a password for the SRK key
 *
 * This function will unregister the private key from the TPM
 * chip. 
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
 *   negative error value.
 *
 * Since: 3.1.0
 **/
int gnutls_tpm_privkey_delete(const char *url, const char *srk_password)
{
	struct tpm_ctx_st s;
	struct tpmkey_url_st durl;
	TSS_RESULT tssret;
	TSS_HKEY tkey;
	int ret;

	ret = decode_tpmkey_url(url, &durl);
	if (ret < 0)
		return gnutls_assert_val(ret);

	if (durl.uuid_set == 0)
		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

	ret = tpm_open_session(&s, srk_password);
	if (ret < 0)
		return gnutls_assert_val(ret);

	tssret =
	    Tspi_Context_UnregisterKey(s.tpm_ctx, durl.storage, durl.uuid,
				       &tkey);
	if (tssret != 0) {
		gnutls_assert();
		ret = tss_err(tssret);
		goto err_cc;
	}

	ret = 0;
      err_cc:
	tpm_close_session(&s);
	return ret;
}
示例#2
0
文件: tpm.c 项目: gnutls/gnutls
/**
 * gnutls_pubkey_import_tpm_url:
 * @pkey: The public key
 * @url: The URL of the TPM key to be imported
 * @srk_password: The password for the SRK key (optional)
 * @flags: should be zero
 *
 * This function will import the given private key to the abstract
 * #gnutls_privkey_t type. 
 *
 * Note that unless %GNUTLS_PUBKEY_DISABLE_CALLBACKS
 * is specified, if incorrect (or NULL) passwords are given
 * the PKCS11 callback functions will be used to obtain the
 * correct passwords. Otherwise if the SRK password is wrong
 * %GNUTLS_E_TPM_SRK_PASSWORD_ERROR is returned.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
 *   negative error value.
 *
 * Since: 3.1.0
 *
 **/
int
gnutls_pubkey_import_tpm_url(gnutls_pubkey_t pkey,
			     const char *url,
			     const char *srk_password, unsigned int flags)
{
	struct tpmkey_url_st durl;
	gnutls_datum_t fdata = { NULL, 0 };
	int ret;

	CHECK_INIT;

	ret = decode_tpmkey_url(url, &durl);
	if (ret < 0)
		return gnutls_assert_val(ret);

	if (durl.filename) {

		ret = gnutls_load_file(durl.filename, &fdata);
		if (ret < 0) {
			gnutls_assert();
			goto cleanup;
		}

		ret =
		    gnutls_pubkey_import_tpm_raw(pkey, &fdata,
						 GNUTLS_TPMKEY_FMT_CTK_PEM,
						 srk_password, flags);
		if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
			ret =
			    gnutls_pubkey_import_tpm_raw(pkey, &fdata,
							 GNUTLS_TPMKEY_FMT_RAW,
							 srk_password,
							 flags);
		if (ret < 0) {
			gnutls_assert();
			goto cleanup;
		}
	} else if (durl.uuid_set) {
		if (flags & GNUTLS_PUBKEY_DISABLE_CALLBACKS)
			ret =
			    import_tpm_pubkey(pkey, NULL, 0, &durl.uuid,
					      durl.storage, srk_password);
		else
			ret =
			    import_tpm_pubkey_cb(pkey, NULL, 0, &durl.uuid,
						 durl.storage,
						 srk_password);
		if (ret < 0) {
			gnutls_assert();
			goto cleanup;
		}
	}

	ret = 0;
      cleanup:
	gnutls_free(fdata.data);
	clear_tpmkey_url(&durl);
	return ret;
}