diff --git a/man/man8/swtpm_localca.pod b/man/man8/swtpm_localca.pod index 3334bc745..d66e7e0df 100644 --- a/man/man8/swtpm_localca.pod +++ b/man/man8/swtpm_localca.pod @@ -41,7 +41,7 @@ The following options are supported: =item B<--type type> This parameter indicates the type of certificate to create. The type parameter may -be one of the following: I, or I +be one of the following: I, I, I, I =item B<--dir dir> diff --git a/src/swtpm_localca/swtpm_localca.c b/src/swtpm_localca/swtpm_localca.c index b3ad785a1..8ee666cd5 100644 --- a/src/swtpm_localca/swtpm_localca.c +++ b/src/swtpm_localca/swtpm_localca.c @@ -393,6 +393,7 @@ static int create_cert(unsigned long flags, const gchar *typ, const gchar *direc g_autofree gchar *parentkey_pwd_file = NULL; g_autofree gchar *parentkey_pwd_file_param = NULL; gboolean success; + g_autofree gchar *tmp_typ = g_strdup(typ); g_autofree gchar *standard_output = NULL; g_autofree gchar *standard_error = NULL; g_autofree gchar *swtpm_cert_path = NULL; @@ -513,11 +514,13 @@ static int create_cert(unsigned long flags, const gchar *typ, const gchar *direc cmd = concat_arrays(cmd, tpm_attr_params, TRUE); - if (strcmp(typ, "platform") == 0) { - certfile = g_strjoin(G_DIR_SEPARATOR_S, directory, "platform.cert", NULL); + if (strcmp(typ, "platform") == 0 || strcmp(typ, "iak") == 0 || strcmp(typ, "idevid") == 0) { + g_autofree gchar *certfn = g_strconcat(typ, ".cert", NULL); + + certfile = g_strjoin(G_DIR_SEPARATOR_S, directory, certfn, NULL); cmd = concat_arrays(cmd, (gchar *[]){ - "--type", "platform", + "--type", tmp_typ, "--out-cert", certfile, NULL}, TRUE); @@ -542,7 +545,7 @@ static int create_cert(unsigned long flags, const gchar *typ, const gchar *direc if (strcmp(typ, "ek") == 0) certtype = "EK"; else - certtype = "platform"; + certtype = typ; #if 0 { g_autofree gchar *join = g_strjoinv(" ", cmd);