author | Alexander Kjeldaas <ak@formalprivacy.com> | 2013-08-14 08:16:52 +0200 |
---|---|---|
committer | Alexander Kjeldaas <ak@formalprivacy.com> | 2014-04-22 13:24:44 +0200 |
commit | dbe8d7ad030206987910057a9cfb0bd90a8b5c15 (patch) | |
tree | 7b7a00af8e30bd94733b844089ce3d9b00748b6a /pkgs/tools/security/tboot | |
parent | 396da207391b3b16d511b6fa6bbed035af82a6e8 (diff) |
Added trousers, tpm-tools, and tboot.
Added lcp_writepol -Z option.
Diffstat (limited to 'pkgs/tools/security/tboot')
-rw-r--r-- | pkgs/tools/security/tboot/default.nix | 22 | ||||
-rw-r--r-- | pkgs/tools/security/tboot/tboot-add-well-known-secret-option-to-lcp_writepol.patch | 50 |
2 files changed, 72 insertions, 0 deletions
diff --git a/pkgs/tools/security/tboot/default.nix b/pkgs/tools/security/tboot/default.nix
new file mode 100644
index 0000000000000..71a8d32a6e192
--- /dev/null
+++ b/pkgs/tools/security/tboot/default.nix
@@ -0,0 +1,22 @@
+{stdenv, fetchurl, autoconf, automake, trousers, openssl, zlib}:
+
+stdenv.mkDerivation {
+ name = "tboot-1.8.0";
+
+ src = fetchurl {
+ url = https://sourceforge.net/projects/tboot/files/tboot/tboot-1.8.0.tar.gz;
+ sha256 = "04z1maryqnr714f3rcynqrpmlx76lxr6bb543xwj5rdl1yvdw2xr";
+ };
+
+ buildInputs = [ trousers openssl zlib ];
+
+ patches = [ ./tboot-add-well-known-secret-option-to-lcp_writepol.patch ];
+
+ configurePhase = ''
+ for a in lcptools utils tb_polgen; do
+ substituteInPlace $a/Makefile --replace /usr/sbin /sbin
+ done
+ substituteInPlace docs/Makefile --replace /usr/share /share
+ '';
+ installFlags = "DESTDIR=$(out)";
+}
diff --git a/pkgs/tools/security/tboot/tboot-add-well-known-secret-option-to-lcp_writepol.patch b/pkgs/tools/security/tboot/tboot-add-well-known-secret-option-to-lcp_writepol.patch
new file mode 100644
index 0000000000000..a16ba9f4fbab2
--- /dev/null
+++ b/pkgs/tools/security/tboot/tboot-add-well-known-secret-option-to-lcp_writepol.patch
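Review bot: In pkgs/tools/security/tboot/default.nix the `patches` line carries a local patch that changes how `lcp_writepol` authenticates to the TPM, but nothing records where the patch comes from or whether it was sent upstream; a comment such as `# adds -Z (TSS well-known secret) to lcp_writepol; not in upstream 1.8.0` above it would let a later reviewer decide when it can be dropped. The function header also takes `autoconf` and `automake`, which `buildInputs` never uses, so they can be removed unless the build needs them. The derivation has no `meta` attribute; `description`, `license` and `platforms` would be worth adding for a boot-integrity tool.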
@@ -0,0 +1,50 @@
+diff -urp tboot-1.8.0.orig/lcptools/writepol.c tboot-1.8.0/lcptools/writepol.c
+--- tboot-1.8.0.orig/lcptools/writepol.c 2014-01-30 10:34:57.000000000 +0100
++++ tboot-1.8.0/lcptools/writepol.c 2014-02-12 01:48:51.523581057 +0100
+@@ -40,6 +40,7 @@
+ #include <getopt.h>
+ #include <trousers/tss.h>
+ #include <trousers/trousers.h>
++#include <tss/tss_defines.h>
+
+ #define PRINT printf
+ #include "../include/uuid.h"
+@@ -51,14 +52,15 @@ static uint32_t index_value = 0;
+ static char *file_arg=NULL;
+ static uint32_t fLeng;
+ static unsigned char *policy_data = NULL;
+-static char *password = NULL;
++static const char *password = NULL;
+ static uint32_t passwd_length = 0;
++static const char well_known_secret[] = TSS_WELL_KNOWN_SECRET;
+ static int help_input = 0;
+ static unsigned char empty_pol_data[] = {0};
+
+-static const char *short_option = "ehi:f:p:";
++static const char *short_option = "ehi:f:p:Z";
+ static const char *usage_string = "lcp_writepol -i index_value "
+- "[-f policy_file] [-e] [-p passwd] [-h]";
++ "[-f policy_file] [-e] [-p passwd|-Z] [-h]";
+
+ static const char *option_strings[] = {
+ "-i index value: uint32/string.\n"
+@@ -67,6 +69,7 @@ static const char *option_strings[] = {
+ "\tINDEX_AUX:0x50000002 or \"aux\"\n",
+ "-f file_name: string. File name of the policy data is stored. \n",
+ "-p password: string. \n",
++ "-Z use well known secret as password. \n",
+ "-e write 0 length data to the index.\n"
+ "\tIt will be used for some special index.\n"
+ "\tFor example, the index with permission WRITEDEFINE.\n",
+@@ -119,6 +122,11 @@ parse_cmdline(int argc, const char * arg
+ fLeng = 0;
+ break;
+
++ case 'Z':
++ password = well_known_secret;
++ passwd_length = sizeof(well_known_secret);
++ break;
++
+ case 'h':
+ help_input = 1;
+ break; |
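Review bot: In the new `case 'Z':` branch of parse_cmdline, `password` and `passwd_length` are pointed at the raw `TSS_WELL_KNOWN_SECRET` bytes, but nothing visible tells the code that consumes them that this buffer is an authorization digest rather than a passphrase. That consumer is outside the hunk; if it passes the buffer to the TSS as a plain secret (`TSS_SECRET_MODE_PLAIN`), the bytes would be hashed again and presumably not match an index created with the well-known secret, so the `-Z` path should be checked and, if needed, use `TSS_SECRET_MODE_SHA1`. The usage string presents `-p passwd|-Z` as alternatives, yet the parser lets whichever comes last win silently; rejecting `-Z` when `password` is already set (and `-p` likewise) would match the documented contract. The help line should also say what the option means for security, for example `"-Z use the TSS well-known secret as password (no real authentication). \n"`. parse_cmdline starts and ends outside the hunk.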