Proxmox-Port/swtpm
1
0
Fork 0
mirror of https://github.com/stefanberger/swtpm.git synced 2026-02-05 14:12:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

swtpm_setup: bugfix: remove tpm2_stirrandom and tpm2_changeeps

Browse Source 
Remove tpm2_stirrandom, which we should not need to run on a newly
created TPM 2.
Also remove tpm2_changeeps which was called twice when creating two
EKs, thus invalidating a previous EK that may have been created.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
This commit is contained in:
Stefan Berger 2020-04-30 21:12:26 -04:00 committed by Stefan Berger
parent f58ead05d8
commit 21af92fd04
1 changed files with 0 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
src/swtpm_setup/swtpm_setup.sh.in
View File

@ -921,51 +921,6 @@ init_tpm()
################################# TPM 2 ##################################
# Get a couple of random numbers from the host and stir the TPM
# RNG with them
#
tpm2_stirrandom()
{
local req r rsp exp
# just the header, expecting 0x18 bytes of random data
req='\x80\x01\x00\x00\x00\x24\x00\x00\x01\x46\x00\x18'
r=$(dd if=/dev/urandom count=24 bs=1 2>/dev/null | \
read_hex_data | sed 's/ /\\x/g')
rsp="$(tpm_transfer "${req}${r}")"
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$rsp" != "$exp" ]; then
logerr "TPM2_Stirrandom() failed"
logerr " expected: $exp"
logerr " received: $rsp"
return 1
fi
return 0
}
tpm2_changeeps()
{
local req rsp exp
req='\x80\x02\x00\x00\x00\x1b\x00\x00\x01\x24\x40\x00\x00\x0c\x00\x00'
req+='\x00\x09\x40\x00\x00\x09\x00\x00\x00\x00\x00'
rsp="$(tpm_transfer "${req}")"
exp=' 80 02 00 00 00 13 00 00 00 00 00 00 00 00 00 00 01 00 00'
if [ "$rsp" != "$exp" ]; then
logerr "TPM2_ChangeEPS() failed"
logerr " expected: $exp"
logerr " received: $rsp"
return 1
fi
return 0
}
# Create the primary key (EK equivalent)
#
# @param1: flags
@ -1380,10 +1335,6 @@ tpm2_create_ek()
local res handle
tpm2_stirrandom
tpm2_changeeps
[ $? -ne 0 ] && return 1
if [ $((flags & SETUP_TPM2_ECC_F)) -ne 0 ]; then
res=$(tpm2_createprimary_ek_ecc_nist_p384 "$flags" "${ektemplatefile}")
else
@ -1592,10 +1543,6 @@ tpm2_create_spk()
local res handle
tpm2_stirrandom
tpm2_changeeps
[ $? -ne 0 ] && return 1
if [ $((flags & SETUP_TPM2_ECC_F)) -ne 0 ]; then
res=$(tpm2_createprimary_spk_ecc_nist_p384 "$flags")
else