Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP3:Update
ibmtss
ibmtss-fix-dsa-regression.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ibmtss-fix-dsa-regression.patch of Package ibmtss
This can be fixed by checking first to see if -rsa appears on its own (either as the last option or followed by another option beginning with '-') and if it does assuming the default value of 2048 for keyBits. If a non options follows, parse it as a number which keeps backwards compatibility with versions before 1.5 while still allowing expanded rsa key sizes to be specified. Signed-off-by: James Bottomley <James.Bottomley@...> --- utils/certifyx509.c | 8 ++----- utils/create.c | 8 ++----- utils/createek.c | 46 +++++++++++++++++++---------------------- utils/createekcert.c | 42 +++++++++++++++++-------------------- utils/createloaded.c | 8 ++----- utils/createprimary.c | 8 ++----- utils/objecttemplates.c | 2 +- 7 files changed, 49 insertions(+), 73 deletions(-) diff --git a/utils/certifyx509.c b/utils/certifyx509.c index 2b763eb..3eabc45 100644 --- a/utils/certifyx509.c +++ b/utils/certifyx509.c @@ -233,14 +233,10 @@ int main(int argc, char *argv[]) else if (strcmp(argv[i], "-rsa") == 0) { scheme = TPM_ALG_RSASSA; algCount++; - i++; - if (i < argc) { + if (i + 1 < argc && argv[i+1][0] != '-') { + i++; sscanf(argv[i],"%hu", &keyBits); } - else { - printf("Missing keysize parameter for -rsa\n"); - printUsage(); - } } else if (strcmp(argv[i], "-ecc") == 0) { scheme = TPM_ALG_ECDSA; diff --git a/utils/create.c b/utils/create.c index f1be83d..a707f2f 100644 --- a/utils/create.c +++ b/utils/create.c @@ -173,14 +173,10 @@ int main(int argc, char *argv[]) } else if (strcmp(argv[i], "-rsa") == 0) { algPublic = TPM_ALG_RSA; - i++; - if (i < argc) { + if (i + 1 < argc && argv[i+1][0] != '-') { + i++; sscanf(argv[i],"%hu", &keyBits); } - else { - printf("Missing parameter for -rsa\n"); - printUsage(); - } } else if (strcmp(argv[i], "-ecc") == 0) { algPublic = TPM_ALG_ECC; diff --git a/utils/createek.c b/utils/createek.c index 602d9ce..f561f78 100644 --- a/utils/createek.c +++ b/utils/createek.c @@ -196,33 +196,29 @@ int main(int argc, char *argv[]) else if (strcmp(argv[i], "-rsa") == 0) { algPublic = TPM_ALG_RSA; algCount++; - i++; - if (i < argc) { + if (i + 1 < argc && argv[i+1][0] != '-') { + i++; sscanf(argv[i],"%hu", &keyBits); - switch (keyBits) { - case 2048: - if (range == LowRange) { - ekCertIndex = EK_CERT_RSA_INDEX; - ekNonceIndex = EK_NONCE_RSA_INDEX; - ekTemplateIndex = EK_TEMPLATE_RSA_INDEX; - } - else { /* high range */ - ekCertIndex = EK_CERT_RSA_2048_INDEX_H1; - } - break; - case 3072: - ekCertIndex = EK_CERT_RSA_3072_INDEX_H6; - break; - case 4096: - ekCertIndex = EK_CERT_RSA_4096_INDEX_H7; - break; - default: - printf("Bad key size %s for -rsa\n", argv[i]); - printUsage(); - } } - else { - printf("Missing keysize parameter for -rsa\n"); + switch (keyBits) { + case 2048: + if (range == LowRange) { + ekCertIndex = EK_CERT_RSA_INDEX; + ekNonceIndex = EK_NONCE_RSA_INDEX; + ekTemplateIndex = EK_TEMPLATE_RSA_INDEX; + } + else { /* high range */ + ekCertIndex = EK_CERT_RSA_2048_INDEX_H1; + } + break; + case 3072: + ekCertIndex = EK_CERT_RSA_3072_INDEX_H6; + break; + case 4096: + ekCertIndex = EK_CERT_RSA_4096_INDEX_H7; + break; + default: + printf("Bad key size %s for -rsa\n", argv[i]); printUsage(); } } diff --git a/utils/createekcert.c b/utils/createekcert.c index 7049605..02d765c 100644 --- a/utils/createekcert.c +++ b/utils/createekcert.c @@ -179,31 +179,27 @@ int main(int argc, char *argv[]) else if (strcmp(argv[i], "-rsa") == 0) { algPublic = TPM_ALG_RSA; algCount++; - i++; - if (i < argc) { + if (i + 1 < argc && argv[i+1][0] != '-') { + i++; sscanf(argv[i],"%hu", &keyBits); - switch (keyBits) { - case 2048: - if (range == LowRange) { - ekCertIndex = EK_CERT_RSA_INDEX; - } - else { /* high range */ - ekCertIndex = EK_CERT_RSA_2048_INDEX_H1; - } - break; - case 3072: - ekCertIndex = EK_CERT_RSA_3072_INDEX_H6; - break; - case 4096: - ekCertIndex = EK_CERT_RSA_4096_INDEX_H7; - break; - default: - printf("Bad key size %s for -rsa\n", argv[i]); - printUsage(); - } } - else { - printf("Missing keysize parameter for -rsa\n"); + switch (keyBits) { + case 2048: + if (range == LowRange) { + ekCertIndex = EK_CERT_RSA_INDEX; + } + else { /* high range */ + ekCertIndex = EK_CERT_RSA_2048_INDEX_H1; + } + break; + case 3072: + ekCertIndex = EK_CERT_RSA_3072_INDEX_H6; + break; + case 4096: + ekCertIndex = EK_CERT_RSA_4096_INDEX_H7; + break; + default: + printf("Bad key size %s for -rsa\n", argv[i]); printUsage(); } } diff --git a/utils/createloaded.c b/utils/createloaded.c index a481cb3..fe97ab4 100644 --- a/utils/createloaded.c +++ b/utils/createloaded.c @@ -167,14 +167,10 @@ int main(int argc, char *argv[]) } else if (strcmp(argv[i], "-rsa") == 0) { algPublic = TPM_ALG_RSA; - i++; - if (i < argc) { + if (i + 1 < argc && argv[i+1][0] != '-') { + i++; sscanf(argv[i],"%hu", &keyBits); } - else { - printf("Missing parameter for -rsa\n"); - printUsage(); - } } else if (strcmp(argv[i], "-ecc") == 0) { algPublic = TPM_ALG_ECC; diff --git a/utils/createprimary.c b/utils/createprimary.c index 3c7676f..c805674 100644 --- a/utils/createprimary.c +++ b/utils/createprimary.c @@ -180,14 +180,10 @@ int main(int argc, char *argv[]) } else if (strcmp(argv[i], "-rsa") == 0) { algPublic = TPM_ALG_RSA; - i++; - if (i < argc) { + if (i + 1 < argc && argv[i+1][0] != '-') { + i++; sscanf(argv[i],"%hu", &keyBits); } - else { - printf("Missing parameter for -rsa\n"); - printUsage(); - } } else if (strcmp(argv[i], "-ecc") == 0) { algPublic = TPM_ALG_ECC; diff --git a/utils/objecttemplates.c b/utils/objecttemplates.c index 06b07ef..f44398f 100644 --- a/utils/objecttemplates.c +++ b/utils/objecttemplates.c @@ -538,7 +538,7 @@ void printUsageTemplate(void) { printf("\t[Asymmetric Key Algorithm]\n"); printf("\n"); - printf("\t-rsa keybits (default)\n"); + printf("\t-rsa [keybits] (default)\n"); printf("\t\t(2048 default)\n"); printf("\t-ecc curve\n"); printf("\t\tbnp256\n"); -- 2.26.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor