TPM key generation allows for arbitrary RSA key bits, but quantizes them to the minimum allowed value that is larger than input.

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2012-07-08 21:04:23 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2012-07-08 21:04:23 +0200
commit: efa1b86e42f95d451c86fddd297c41925c6778c5 (patch)
tree: 123d9467a26375a6bc0838e31a1e3682a35a20e3 /src/tpmtool.c
parent: 60a19bacc312dc7190c65ef449505abbb09a947a (diff)
download: gnutls-efa1b86e42f95d451c86fddd297c41925c6778c5.tar.gz
1 files changed, 5 insertions, 2 deletions
diff --git a/src/tpmtool.c b/src/tpmtool.c
index 3370480ddc..b9543cfa91 100644
--- a/src/tpmtool.c
+++ b/src/tpmtool.c
@@ -80,6 +80,7 @@ cmd_parser (int argc, char **argv)
   unsigned int optct;
   unsigned int key_type = GNUTLS_PK_UNKNOWN;
   unsigned int bits = 0;
+  const char* sec_param = NULL;
   
   optct = optionProcess( &tpmtoolOptions, argc, argv);
   argc += optct;
@@ -114,14 +115,16 @@ cmd_parser (int argc, char **argv)
   else
     infile = stdin;
 
+  if (HAVE_OPT(SEC_PARAM))
+    sec_param = OPT_ARG(SEC_PARAM);
   if (HAVE_OPT(BITS))
     bits = OPT_VALUE_BITS;
-  else
-    bits = 2048;
+  
 
   if (HAVE_OPT(GENERATE_RSA))
     {
       key_type = GNUTLS_PK_RSA;
+      bits = get_bits (key_type, bits, sec_param);
       tpm_generate (outfile, key_type, bits);
     }
   else if (HAVE_OPT(PUBKEY))
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2012-07-08 21:04:23 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2012-07-08 21:04:23 +0200
commit	efa1b86e42f95d451c86fddd297c41925c6778c5 (patch)
tree	123d9467a26375a6bc0838e31a1e3682a35a20e3 /src/tpmtool.c
parent	60a19bacc312dc7190c65ef449505abbb09a947a (diff)
download	gnutls-efa1b86e42f95d451c86fddd297c41925c6778c5.tar.gz