aikpub2: Removed aikpub2 tool
The aikpub2 tool has been replaced by pki --pub|--req --keyid hex .. where keyid indicates the TPM 2.0 private key object handle. Thus either the public key in PKCS#1 format can be extracted or a PKCS#10 certificate request signed by the TPM private key can be generated.
This commit is contained in:
parent
ab94f76df6
commit
4a620a97a0
12
configure.ac
12
configure.ac
|
@ -272,7 +272,6 @@ ARG_ENABL_SET([test-vectors], [enable plugin providing crypto test vectors.])
|
||||||
ARG_DISBL_SET([updown], [disable updown firewall script plugin.])
|
ARG_DISBL_SET([updown], [disable updown firewall script plugin.])
|
||||||
# programs/components
|
# programs/components
|
||||||
ARG_ENABL_SET([aikgen], [enable AIK generator for TPM 1.2.])
|
ARG_ENABL_SET([aikgen], [enable AIK generator for TPM 1.2.])
|
||||||
ARG_ENABL_SET([aikpub2], [enable AIK extractor for TPM 2.0.])
|
|
||||||
ARG_DISBL_SET([charon], [disable the IKEv1/IKEv2 keying daemon charon.])
|
ARG_DISBL_SET([charon], [disable the IKEv1/IKEv2 keying daemon charon.])
|
||||||
ARG_ENABL_SET([cmd], [enable the command line IKE client charon-cmd.])
|
ARG_ENABL_SET([cmd], [enable the command line IKE client charon-cmd.])
|
||||||
ARG_ENABL_SET([conftest], [enforce Suite B conformance test framework.])
|
ARG_ENABL_SET([conftest], [enforce Suite B conformance test framework.])
|
||||||
|
@ -465,10 +464,6 @@ if test x$aikgen = xtrue; then
|
||||||
tss_trousers=true
|
tss_trousers=true
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if test x$aikpub2 = xtrue; then
|
|
||||||
tss_tss2=true
|
|
||||||
fi
|
|
||||||
|
|
||||||
if test x$ntru = xtrue -o x$bliss = xtrue; then
|
if test x$ntru = xtrue -o x$bliss = xtrue; then
|
||||||
mgf1=true
|
mgf1=true
|
||||||
fi
|
fi
|
||||||
|
@ -1652,14 +1647,14 @@ AM_CONDITIONAL(USE_PKI, test x$pki = xtrue)
|
||||||
AM_CONDITIONAL(USE_SCEPCLIENT, test x$scepclient = xtrue)
|
AM_CONDITIONAL(USE_SCEPCLIENT, test x$scepclient = xtrue)
|
||||||
AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
|
AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
|
||||||
AM_CONDITIONAL(USE_CONFTEST, test x$conftest = xtrue)
|
AM_CONDITIONAL(USE_CONFTEST, test x$conftest = xtrue)
|
||||||
AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pki = xtrue -o x$scepclient = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$tls = xtrue -o x$tnc_tnccs = xtrue -o x$aikgen = xtrue -o x$aikpub2 = xtrue -o x$svc = xtrue -o x$systemd = xtrue)
|
AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pki = xtrue -o x$scepclient = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$tls = xtrue -o x$tnc_tnccs = xtrue -o x$aikgen = xtrue -o x$svc = xtrue -o x$systemd = xtrue)
|
||||||
AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$svc = xtrue -o x$systemd = xtrue)
|
AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$svc = xtrue -o x$systemd = xtrue)
|
||||||
AM_CONDITIONAL(USE_LIBIPSEC, test x$libipsec = xtrue)
|
AM_CONDITIONAL(USE_LIBIPSEC, test x$libipsec = xtrue)
|
||||||
AM_CONDITIONAL(USE_LIBNTTFFT, test x$bliss = xtrue -o x$newhope = xtrue)
|
AM_CONDITIONAL(USE_LIBNTTFFT, test x$bliss = xtrue -o x$newhope = xtrue)
|
||||||
AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue)
|
AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue)
|
||||||
AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue)
|
AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue)
|
||||||
AM_CONDITIONAL(USE_LIBPTTLS, test x$tnc_tnccs = xtrue)
|
AM_CONDITIONAL(USE_LIBPTTLS, test x$tnc_tnccs = xtrue)
|
||||||
AM_CONDITIONAL(USE_LIBTPMTSS, test x$tss_trousers = xtrue -o x$tss_tss2 = xtrue -o x$tpm -o x$aikgen = xtrue -o x$aikpub2 = xtrue -o x$imcv = xtrue)
|
AM_CONDITIONAL(USE_LIBTPMTSS, test x$tss_trousers = xtrue -o x$tss_tss2 = xtrue -o x$tpm -o x$aikgen = xtrue -o x$imcv = xtrue)
|
||||||
AM_CONDITIONAL(USE_FILE_CONFIG, test x$stroke = xtrue)
|
AM_CONDITIONAL(USE_FILE_CONFIG, test x$stroke = xtrue)
|
||||||
AM_CONDITIONAL(USE_IPSEC_SCRIPT, test x$stroke = xtrue -o x$scepclient = xtrue -o x$conftest = xtrue)
|
AM_CONDITIONAL(USE_IPSEC_SCRIPT, test x$stroke = xtrue -o x$scepclient = xtrue -o x$conftest = xtrue)
|
||||||
AM_CONDITIONAL(USE_LIBCAP, test x$capabilities = xlibcap)
|
AM_CONDITIONAL(USE_LIBCAP, test x$capabilities = xlibcap)
|
||||||
|
@ -1678,7 +1673,6 @@ AM_CONDITIONAL(USE_DBGHELP, test x$dbghelp_backtraces = xtrue)
|
||||||
AM_CONDITIONAL(USE_TKM, test x$tkm = xtrue)
|
AM_CONDITIONAL(USE_TKM, test x$tkm = xtrue)
|
||||||
AM_CONDITIONAL(USE_CMD, test x$cmd = xtrue)
|
AM_CONDITIONAL(USE_CMD, test x$cmd = xtrue)
|
||||||
AM_CONDITIONAL(USE_AIKGEN, test x$aikgen = xtrue)
|
AM_CONDITIONAL(USE_AIKGEN, test x$aikgen = xtrue)
|
||||||
AM_CONDITIONAL(USE_AIKPUB2, test x$aikpub2 = xtrue)
|
|
||||||
AM_CONDITIONAL(USE_SWANCTL, test x$swanctl = xtrue)
|
AM_CONDITIONAL(USE_SWANCTL, test x$swanctl = xtrue)
|
||||||
AM_CONDITIONAL(USE_SVC, test x$svc = xtrue)
|
AM_CONDITIONAL(USE_SVC, test x$svc = xtrue)
|
||||||
AM_CONDITIONAL(USE_SYSTEMD, test x$systemd = xtrue)
|
AM_CONDITIONAL(USE_SYSTEMD, test x$systemd = xtrue)
|
||||||
|
@ -1718,7 +1712,6 @@ fi
|
||||||
strongswan_options=
|
strongswan_options=
|
||||||
|
|
||||||
AM_COND_IF([USE_AIKGEN], [strongswan_options=${strongswan_options}" aikgen"])
|
AM_COND_IF([USE_AIKGEN], [strongswan_options=${strongswan_options}" aikgen"])
|
||||||
AM_COND_IF([USE_AIKPUB2], [strongswan_options=${strongswan_options}" aikpub2"])
|
|
||||||
AM_COND_IF([USE_ATTR_SQL], [strongswan_options=${strongswan_options}" pool"])
|
AM_COND_IF([USE_ATTR_SQL], [strongswan_options=${strongswan_options}" pool"])
|
||||||
AM_COND_IF([USE_CHARON], [strongswan_options=${strongswan_options}" charon charon-logging"])
|
AM_COND_IF([USE_CHARON], [strongswan_options=${strongswan_options}" charon charon-logging"])
|
||||||
AM_COND_IF([USE_FILE_CONFIG], [strongswan_options=${strongswan_options}" starter"])
|
AM_COND_IF([USE_FILE_CONFIG], [strongswan_options=${strongswan_options}" starter"])
|
||||||
|
@ -1927,7 +1920,6 @@ AC_CONFIG_FILES([
|
||||||
src/_copyright/Makefile
|
src/_copyright/Makefile
|
||||||
src/scepclient/Makefile
|
src/scepclient/Makefile
|
||||||
src/aikgen/Makefile
|
src/aikgen/Makefile
|
||||||
src/aikpub2/Makefile
|
|
||||||
src/pki/Makefile
|
src/pki/Makefile
|
||||||
src/pki/man/Makefile
|
src/pki/man/Makefile
|
||||||
src/pool/Makefile
|
src/pool/Makefile
|
||||||
|
|
|
@ -135,7 +135,3 @@ endif
|
||||||
if USE_AIKGEN
|
if USE_AIKGEN
|
||||||
SUBDIRS += aikgen
|
SUBDIRS += aikgen
|
||||||
endif
|
endif
|
||||||
|
|
||||||
if USE_AIKPUB2
|
|
||||||
SUBDIRS += aikpub2
|
|
||||||
endif
|
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
aikpub2
|
|
|
@ -1,15 +0,0 @@
|
||||||
bin_PROGRAMS = aikpub2
|
|
||||||
|
|
||||||
aikpub2_SOURCES = aikpub2.c
|
|
||||||
|
|
||||||
aikpub2_LDADD = \
|
|
||||||
$(top_builddir)/src/libstrongswan/libstrongswan.la \
|
|
||||||
$(top_builddir)/src/libtpmtss/libtpmtss.la
|
|
||||||
|
|
||||||
aikpub2.o : $(top_builddir)/config.status
|
|
||||||
|
|
||||||
AM_CPPFLAGS = \
|
|
||||||
-I$(top_srcdir)/src/libstrongswan \
|
|
||||||
-I$(top_srcdir)/src/libtpmtss \
|
|
||||||
-DIPSEC_CONFDIR=\"${sysconfdir}\" \
|
|
||||||
-DPLUGINS=\""${aikgen_plugins}\""
|
|
|
@ -1,305 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright (C) 2016 Andreas Steffen
|
|
||||||
* HSR Hochschule fuer Technik Rapperswil
|
|
||||||
*
|
|
||||||
* This program is free software; you can redistribute it and/or modify it
|
|
||||||
* under the terms of the GNU General Public License as published by the
|
|
||||||
* Free Software Foundation; either version 2 of the License, or (at your
|
|
||||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
|
||||||
*
|
|
||||||
* This program is distributed in the hope that it will be useful, but
|
|
||||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
||||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
||||||
* for more details.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include "tpm_tss.h"
|
|
||||||
|
|
||||||
#include <library.h>
|
|
||||||
#include <utils/debug.h>
|
|
||||||
#include <utils/optionsfrom.h>
|
|
||||||
|
|
||||||
#include <syslog.h>
|
|
||||||
#include <getopt.h>
|
|
||||||
#include <errno.h>
|
|
||||||
|
|
||||||
/* default directory where AIK keys are stored */
|
|
||||||
#define AIK_DIR IPSEC_CONFDIR "/pts/"
|
|
||||||
|
|
||||||
/* default name of AIK public key blob */
|
|
||||||
#define DEFAULT_FILENAME_AIKPUBKEY AIK_DIR "aikPub.der"
|
|
||||||
|
|
||||||
/* logging */
|
|
||||||
static bool log_to_stderr = TRUE;
|
|
||||||
static bool log_to_syslog = TRUE;
|
|
||||||
static level_t default_loglevel = 1;
|
|
||||||
|
|
||||||
/* options read by optionsfrom */
|
|
||||||
options_t *options;
|
|
||||||
|
|
||||||
chunk_t aik_pubkey;
|
|
||||||
chunk_t aik_keyid;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* logging function for aikpub2
|
|
||||||
*/
|
|
||||||
static void aikpub2_dbg(debug_t group, level_t level, char *fmt, ...)
|
|
||||||
{
|
|
||||||
char buffer[8192];
|
|
||||||
char *current = buffer, *next;
|
|
||||||
va_list args;
|
|
||||||
|
|
||||||
if (level <= default_loglevel)
|
|
||||||
{
|
|
||||||
if (log_to_stderr)
|
|
||||||
{
|
|
||||||
va_start(args, fmt);
|
|
||||||
vfprintf(stderr, fmt, args);
|
|
||||||
va_end(args);
|
|
||||||
fprintf(stderr, "\n");
|
|
||||||
}
|
|
||||||
if (log_to_syslog)
|
|
||||||
{
|
|
||||||
/* write in memory buffer first */
|
|
||||||
va_start(args, fmt);
|
|
||||||
vsnprintf(buffer, sizeof(buffer), fmt, args);
|
|
||||||
va_end(args);
|
|
||||||
|
|
||||||
/* do a syslog with every line */
|
|
||||||
while (current)
|
|
||||||
{
|
|
||||||
next = strchr(current, '\n');
|
|
||||||
if (next)
|
|
||||||
{
|
|
||||||
*(next++) = '\0';
|
|
||||||
}
|
|
||||||
syslog(LOG_INFO, "%s\n", current);
|
|
||||||
current = next;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Initialize logging to stderr/syslog
|
|
||||||
*/
|
|
||||||
static void init_log(const char *program)
|
|
||||||
{
|
|
||||||
dbg = aikpub2_dbg;
|
|
||||||
|
|
||||||
if (log_to_stderr)
|
|
||||||
{
|
|
||||||
setbuf(stderr, NULL);
|
|
||||||
}
|
|
||||||
if (log_to_syslog)
|
|
||||||
{
|
|
||||||
openlog(program, LOG_CONS | LOG_NDELAY | LOG_PID, LOG_AUTHPRIV);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @brief exit aikgen
|
|
||||||
*
|
|
||||||
* @param status 0 = OK, -1 = general discomfort
|
|
||||||
*/
|
|
||||||
static void exit_aikpub2(err_t message, ...)
|
|
||||||
{
|
|
||||||
int status = 0;
|
|
||||||
|
|
||||||
free(aik_pubkey.ptr);
|
|
||||||
free(aik_keyid.ptr);
|
|
||||||
options->destroy(options);
|
|
||||||
|
|
||||||
/* print any error message to stderr */
|
|
||||||
if (message != NULL && *message != '\0')
|
|
||||||
{
|
|
||||||
va_list args;
|
|
||||||
char m[8192];
|
|
||||||
|
|
||||||
va_start(args, message);
|
|
||||||
vsnprintf(m, sizeof(m), message, args);
|
|
||||||
va_end(args);
|
|
||||||
|
|
||||||
fprintf(stderr, "aikpub2 error: %s\n", m);
|
|
||||||
status = -1;
|
|
||||||
}
|
|
||||||
library_deinit();
|
|
||||||
exit(status);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @brief prints the usage of the program to the stderr output
|
|
||||||
*
|
|
||||||
* If message is set, program is exited with 1 (error)
|
|
||||||
* @param message message in case of an error
|
|
||||||
*/
|
|
||||||
static void usage(const char *message)
|
|
||||||
{
|
|
||||||
fprintf(stderr,
|
|
||||||
"Usage: aikpub2 --handle <handle> --out <filename>\n"
|
|
||||||
" [--force] [--quiet] [--debug <level>]\n"
|
|
||||||
" aikpub2 --help\n"
|
|
||||||
"\n"
|
|
||||||
"Options:\n"
|
|
||||||
" --handle (-H) TSS 2.0 AIK object handle\n"
|
|
||||||
" --out (-o) AIK public key in PKCS #1 format\n"
|
|
||||||
" --force (-f) force to overwrite existing files\n"
|
|
||||||
" --help (-h) show usage and exit\n"
|
|
||||||
"\n"
|
|
||||||
"Debugging output:\n"
|
|
||||||
" --debug (-l) changes the log level (-1..4, default: 1)\n"
|
|
||||||
" --quiet (-q) do not write log output to stderr\n"
|
|
||||||
);
|
|
||||||
exit_aikpub2(message);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @brief main of aikpub2 which extracts an Attestation Identity Key (AIK)
|
|
||||||
*
|
|
||||||
* @param argc number of arguments
|
|
||||||
* @param argv pointer to the argument values
|
|
||||||
*/
|
|
||||||
int main(int argc, char *argv[])
|
|
||||||
{
|
|
||||||
/* external values */
|
|
||||||
extern char * optarg;
|
|
||||||
extern int optind;
|
|
||||||
|
|
||||||
char *aik_out_filename = DEFAULT_FILENAME_AIKPUBKEY;
|
|
||||||
uint32_t aik_handle = 0;
|
|
||||||
bool force = FALSE;
|
|
||||||
hasher_t *hasher;
|
|
||||||
tpm_tss_t *tpm;
|
|
||||||
|
|
||||||
atexit(library_deinit);
|
|
||||||
if (!library_init(NULL, "aikpub2"))
|
|
||||||
{
|
|
||||||
exit(SS_RC_LIBSTRONGSWAN_INTEGRITY);
|
|
||||||
}
|
|
||||||
if (lib->integrity &&
|
|
||||||
!lib->integrity->check_file(lib->integrity, "aikpub2", argv[0]))
|
|
||||||
{
|
|
||||||
fprintf(stderr, "integrity check of aikpub2 failed\n");
|
|
||||||
exit(SS_RC_DAEMON_INTEGRITY);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* initialize global variables */
|
|
||||||
options = options_create();
|
|
||||||
|
|
||||||
for (;;)
|
|
||||||
{
|
|
||||||
static const struct option long_opts[] = {
|
|
||||||
/* name, has_arg, flag, val */
|
|
||||||
{ "help", no_argument, NULL, 'h' },
|
|
||||||
{ "optionsfrom", required_argument, NULL, '+' },
|
|
||||||
{ "handle", required_argument, NULL, 'H' },
|
|
||||||
{ "in", required_argument, NULL, 'i' },
|
|
||||||
{ "out", required_argument, NULL, 'o' },
|
|
||||||
{ "force", no_argument, NULL, 'f' },
|
|
||||||
{ "quiet", no_argument, NULL, 'q' },
|
|
||||||
{ "debug", required_argument, NULL, 'l' },
|
|
||||||
{ 0,0,0,0 }
|
|
||||||
};
|
|
||||||
|
|
||||||
/* parse next option */
|
|
||||||
int c = getopt_long(argc, argv, "h+:H:i:o:fql:", long_opts, NULL);
|
|
||||||
|
|
||||||
switch (c)
|
|
||||||
{
|
|
||||||
case EOF: /* end of flags */
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'h': /* --help */
|
|
||||||
usage(NULL);
|
|
||||||
|
|
||||||
case '+': /* --optionsfrom <filename> */
|
|
||||||
if (!options->from(options, optarg, &argc, &argv, optind))
|
|
||||||
{
|
|
||||||
exit_aikpub2("optionsfrom failed");
|
|
||||||
}
|
|
||||||
continue;
|
|
||||||
|
|
||||||
case 'H': /* --handle <handle> */
|
|
||||||
aik_handle = strtoll(optarg, NULL, 16);
|
|
||||||
continue;
|
|
||||||
|
|
||||||
case 'o': /* --out <filename> */
|
|
||||||
aik_out_filename = optarg;
|
|
||||||
continue;
|
|
||||||
|
|
||||||
case 'f': /* --force */
|
|
||||||
force = TRUE;
|
|
||||||
continue;
|
|
||||||
|
|
||||||
case 'q': /* --quiet */
|
|
||||||
log_to_stderr = FALSE;
|
|
||||||
continue;
|
|
||||||
|
|
||||||
case 'l': /* --debug <level> */
|
|
||||||
default_loglevel = atoi(optarg);
|
|
||||||
continue;
|
|
||||||
|
|
||||||
default:
|
|
||||||
usage("unknown option");
|
|
||||||
}
|
|
||||||
/* break from loop */
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
init_log("aikpub2");
|
|
||||||
|
|
||||||
if (!lib->plugins->load(lib->plugins,
|
|
||||||
lib->settings->get_str(lib->settings, "aikpub2.load", PLUGINS)))
|
|
||||||
{
|
|
||||||
exit_aikpub2("plugin loading failed");
|
|
||||||
}
|
|
||||||
if (!aik_handle)
|
|
||||||
{
|
|
||||||
usage("--handle option is required");
|
|
||||||
}
|
|
||||||
|
|
||||||
/* try to find a TPM 2.0 */
|
|
||||||
tpm = tpm_tss_probe(TPM_VERSION_2_0);
|
|
||||||
if (!tpm)
|
|
||||||
{
|
|
||||||
exit_aikpub2("no TPM 2.0 found");
|
|
||||||
}
|
|
||||||
|
|
||||||
/* get AIK public key from TPM */
|
|
||||||
aik_pubkey = tpm->get_public(tpm, aik_handle);
|
|
||||||
tpm->destroy(tpm);
|
|
||||||
|
|
||||||
/* exit if AIK public key retrieval failed */
|
|
||||||
if (aik_pubkey.len == 0)
|
|
||||||
{
|
|
||||||
exit_aikpub2("retrieval of AIK public key failed");
|
|
||||||
}
|
|
||||||
|
|
||||||
/* store AIK subjectPublicKeyInfo to file */
|
|
||||||
if (!chunk_write(aik_pubkey, aik_out_filename, 0022, force))
|
|
||||||
{
|
|
||||||
exit_aikpub2("could not write AIK public key file '%s': %s",
|
|
||||||
aik_out_filename, strerror(errno));
|
|
||||||
}
|
|
||||||
DBG1(DBG_LIB, "AIK public key written to '%s' (%u bytes)",
|
|
||||||
aik_out_filename, aik_pubkey.len);
|
|
||||||
|
|
||||||
/* AIK keyid derived from subjectPublicKeyInfo encoding */
|
|
||||||
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
|
|
||||||
if (!hasher)
|
|
||||||
{
|
|
||||||
exit_aikpub2("SHA1 hash algorithm not supported");
|
|
||||||
}
|
|
||||||
if (!hasher->allocate_hash(hasher, aik_pubkey, &aik_keyid))
|
|
||||||
{
|
|
||||||
hasher->destroy(hasher);
|
|
||||||
exit_aikpub2("computing SHA1 fingerprint failed");
|
|
||||||
}
|
|
||||||
hasher->destroy(hasher);
|
|
||||||
|
|
||||||
DBG1(DBG_LIB, "AIK keyid: %#B", &aik_keyid);
|
|
||||||
|
|
||||||
exit_aikpub2(NULL);
|
|
||||||
return -1; /* should never be reached */
|
|
||||||
}
|
|
Loading…
Reference in New Issue