libtpmtss: Generalize AIK keys to signature keys
authorAndreas Steffen <andreas.steffen@strongswan.org>
Tue, 23 Oct 2018 16:55:16 +0000 (18:55 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 26 Oct 2018 07:55:07 +0000 (09:55 +0200)
src/libtpmtss/tpm_tss_tss2_v1.c
src/libtpmtss/tpm_tss_tss2_v2.c

index a7b1344..f904442 100644 (file)
@@ -421,7 +421,7 @@ METHOD(tpm_tss_t, get_version_info, chunk_t,
 }
 
 /**
- * read the public key portion of a TSS 2.0 AIK key from NVRAM
+ * read the public key portion of a TSS 2.0 key from NVRAM
  */
 bool read_public(private_tpm_tss_tss2_t *this, TPMI_DH_OBJECT handle,
        TPM2B_PUBLIC *public)
@@ -471,9 +471,9 @@ METHOD(tpm_tss_t, get_public, chunk_t,
        }
 
        aik_blob = chunk_create((u_char*)&public, sizeof(public));
-       DBG3(DBG_LIB, "%s AIK public key blob: %B", LABEL, &aik_blob);
+       DBG3(DBG_LIB, "%s public key blob: %B", LABEL, &aik_blob);
 
-       /* convert TSS 2.0 AIK public key blot into PKCS#1 format */
+       /* convert TSS 2.0 public key blot into PKCS#1 format */
        switch (public.t.publicArea.type)
        {
                case TPM_ALG_RSA:
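Review bot: The rewritten comment above the `switch` still reads "blot" and names PKCS#1 as the target format, while the RSA branch encodes with `PUBKEY_SPKI_ASN1_DER` and the ECC branch is commented as subjectPublicKeyInfo. Since the line is being touched anyway, it could become `/* convert TSS 2.0 public key blob into subjectPublicKeyInfo format */`. The locals `aik_blob`, `aik_modulus`, `aik_exponent` and `aik_pubkey` keep the AIK prefix although the function is now meant for any signature key; renaming them in the same commit would keep code and messages consistent. The same applies to the matching get_public hunk in tpm_tss_tss2_v2.c, and get_public starts and ends outside this hunk.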
@@ -490,12 +490,12 @@ METHOD(tpm_tss_t, get_public, chunk_t,
                        aik_modulus = chunk_create(rsa->t.buffer, rsa->t.size);
                        aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
 
-                       /* subjectPublicKeyInfo encoding of AIK RSA key */
+                       /* subjectPublicKeyInfo encoding of RSA public key */
                        if (!lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,
                                        NULL, &aik_pubkey, CRED_PART_RSA_MODULUS, aik_modulus,
                                        CRED_PART_RSA_PUB_EXP, aik_exponent, CRED_PART_END))
                        {
-                               DBG1(DBG_PTS, "%s subjectPublicKeyInfo encoding of AIK key "
+                               DBG1(DBG_PTS, "%s subjectPublicKeyInfo encoding of public key "
                                                          "failed", LABEL);
                                return chunk_empty;
                        }
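Review bot: `aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);` hard-codes the public exponent 65537 into the exported key, which was presumably safe while only AIKs were handled but is not guaranteed once arbitrary signature keys are accepted. A TPM 2.0 RSA key carries its exponent in the RSA parameters of the public area (0 meaning the default 65537), so the encoder should read that value and fall back to `0x01, 0x00, 0x01` only when it is 0. Otherwise the subjectPublicKeyInfo returned here can differ from the key held in the TPM, and signatures made with it will not verify against the exported key. If other exponents are deliberately unsupported, say so with a comment such as `/* only the default exponent 2^16+1 is supported */` and reject the rest. The same line appears in the tpm_tss_tss2_v2.c hunk, and the enclosing `case` block starts outside this hunk.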
@@ -526,7 +526,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
                        pos += ecc->x.t.size;
                        /* copy y coordinate of ECC point */
                        memcpy(pos, ecc->y.t.buffer, ecc->y.t.size);
-                       /* subjectPublicKeyInfo encoding of AIK ECC key */
+                       /* subjectPublicKeyInfo encoding of ECC public key */
                        aik_pubkey = asn1_wrap(ASN1_SEQUENCE, "mm",
                                                        asn1_wrap(ASN1_SEQUENCE, "mm",
                                                                asn1_build_known_oid(OID_EC_PUBLICKEY),
@@ -536,10 +536,10 @@ METHOD(tpm_tss_t, get_public, chunk_t,
                        break;
                }
                default:
-                       DBG1(DBG_PTS, "%s unsupported AIK key type", LABEL);
+                       DBG1(DBG_PTS, "%s unsupported key type", LABEL);
                        return chunk_empty;
        }
-       DBG1(DBG_PTS, "AIK signature algorithm is %N with %N hash",
+       DBG1(DBG_PTS, "signature algorithm is %N with %N hash",
                 tpm_alg_id_names, sig_alg, tpm_alg_id_names, digest_alg);
        return aik_pubkey;
 }
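Review bot: With "AIK" dropped, `"signature algorithm is %N with %N hash"` no longer says what it refers to, and unlike the other messages visible in this function it carries no `%s`/`LABEL` prefix. Suggest `DBG1(DBG_PTS, "%s signature algorithm is %N with %N hash", LABEL,` followed by the existing arguments. The `default:` message could also print the rejected type through `tpm_alg_id_names`, which helps when a key handle of an unexpected type is configured. The same two lines occur in the tpm_tss_tss2_v2.c hunk, and get_public begins outside this hunk.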
@@ -624,7 +624,7 @@ METHOD(tpm_tss_t, supported_signature_schemes, enumerator_t*,
                        break;
                }
                default:
-                       DBG1(DBG_PTS, "%s unsupported AIK key type", LABEL);
+                       DBG1(DBG_PTS, "%s unsupported key type", LABEL);
                        return enumerator_create_empty();
        }
        return enumerator_create_single(signature_params_clone(&supported_scheme),
index eb80a0e..6bbbce2 100644 (file)
@@ -381,7 +381,7 @@ METHOD(tpm_tss_t, get_version_info, chunk_t,
 }
 
 /**
- * read the public key portion of a TSS 2.0 AIK key from NVRAM
+ * read the public key portion of a TSS 2.0 key from NVRAM
  */
 bool read_public(private_tpm_tss_tss2_t *this, TPMI_DH_OBJECT handle,
        TPM2B_PUBLIC *public)
@@ -425,9 +425,9 @@ METHOD(tpm_tss_t, get_public, chunk_t,
        }
 
        aik_blob = chunk_create((u_char*)&public, sizeof(public));
-       DBG3(DBG_LIB, "%s AIK public key blob: %B", LABEL, &aik_blob);
+       DBG3(DBG_LIB, "%s public key blob: %B", LABEL, &aik_blob);
 
-       /* convert TSS 2.0 AIK public key blot into PKCS#1 format */
+       /* convert TSS 2.0 public key blot into PKCS#1 format */
        switch (public.publicArea.type)
        {
                case TPM2_ALG_RSA:
@@ -444,12 +444,12 @@ METHOD(tpm_tss_t, get_public, chunk_t,
                        aik_modulus = chunk_create(rsa->buffer, rsa->size);
                        aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
 
-                       /* subjectPublicKeyInfo encoding of AIK RSA key */
+                       /* subjectPublicKeyInfo encoding of RSA public key */
                        if (!lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,
                                        NULL, &aik_pubkey, CRED_PART_RSA_MODULUS, aik_modulus,
                                        CRED_PART_RSA_PUB_EXP, aik_exponent, CRED_PART_END))
                        {
-                               DBG1(DBG_PTS, "%s subjectPublicKeyInfo encoding of AIK key "
+                               DBG1(DBG_PTS, "%s subjectPublicKeyInfo encoding of public key "
                                                          "failed", LABEL);
                                return chunk_empty;
                        }
@@ -480,7 +480,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
                        pos += ecc->x.size;
                        /* copy y coordinate of ECC point */
                        memcpy(pos, ecc->y.buffer, ecc->y.size);
-                       /* subjectPublicKeyInfo encoding of AIK ECC key */
+                       /* subjectPublicKeyInfo encoding of ECC public key */
                        aik_pubkey = asn1_wrap(ASN1_SEQUENCE, "mm",
                                                        asn1_wrap(ASN1_SEQUENCE, "mm",
                                                                asn1_build_known_oid(OID_EC_PUBLICKEY),
@@ -490,10 +490,10 @@ METHOD(tpm_tss_t, get_public, chunk_t,
                        break;
                }
                default:
-                       DBG1(DBG_PTS, "%s unsupported AIK key type", LABEL);
+                       DBG1(DBG_PTS, "%s unsupported key type", LABEL);
                        return chunk_empty;
        }
-       DBG1(DBG_PTS, "AIK signature algorithm is %N with %N hash",
+       DBG1(DBG_PTS, "signature algorithm is %N with %N hash",
                 tpm_alg_id_names, sig_alg, tpm_alg_id_names, digest_alg);
        return aik_pubkey;
 }
@@ -578,7 +578,7 @@ METHOD(tpm_tss_t, supported_signature_schemes, enumerator_t*,
                        break;
                }
                default:
-                       DBG1(DBG_PTS, "%s unsupported AIK key type", LABEL);
+                       DBG1(DBG_PTS, "%s unsupported key type", LABEL);
                        return enumerator_create_empty();
        }
        return enumerator_create_single(signature_params_clone(&supported_scheme),