swtpm_setup: Allow to create largest possible EK

By passing '--rsa-keysize max' allow to create the largest possible RSA
EK key.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

man/man8/swtpm_setup.8

@@ -282,7 +282,8 @@ This option is only useful with \s-1TPM 1.2\s0 and in if ownership is taken.
 This option allows to pass the size of a \s-1TPM 2 RSA EK\s0 key, such as 2048
 or 3072. The supported keysizes for a \s-1TPM 2\s0 can be queried for using
 the \fI\-\-print\-capabilities\fR option. The default size is 2048 bits for
-both \s-1TPM 1.2\s0 and \s-1TPM 2.\s0
+both \s-1TPM 1.2\s0 and \s-1TPM 2.\s0 If 'max' is passed, the largest possible key
+size is used.
 .IP "\fB\-\-print\-capabilities\fR (since v0.2)" 4
 .IX Item "--print-capabilities (since v0.2)"
 Print capabilities that were added to swtpm_setup after version 0.1.

man/man8/swtpm_setup.pod

@@ -178,7 +178,8 @@ This option is only useful with TPM 1.2 and in if ownership is taken.
 This option allows to pass the size of a TPM 2 RSA EK key, such as 2048
 or 3072. The supported keysizes for a TPM 2 can be queried for using
 the I<--print-capabilities> option. The default size is 2048 bits for
-both TPM 1.2 and TPM 2.
+both TPM 1.2 and TPM 2. If 'max' is passed, the largest possible key
+size is used.
 
 =item B<--print-capabilities> (since v0.2)
 

src/swtpm_setup/swtpm_setup.sh.in

@@ -2472,6 +2472,14 @@ main()
 		fi
 	fi
 
+	# Determine maximum possible RSA keysize that we will then use
+	if [ "$rsa_keysize" = "max" ]; then
+		rsa_keysize=$(get_rsa_keysizes "$flags" | sed '$!d')
+		if [ -z "$rsa_keysize" ]; then
+			rsa_keysize=2048
+		fi
+	fi
+
 	case "${rsa_keysize}" in
 	2048)	;;
 	3072)	tmp="$(get_rsakeysize_caps "$flags")"