-
Hi
I have a little problem with TPM usage, hopefully somebody can help me.
a) When I issue the tpm2_listpcrs, all pcrs are set to zero (except 17-22 which are set to FF FF...)
I would expect that…
-
I am a little confused about how to use tpm2_create to seal a key to the PCRs. I see that I can pass in a policy file, but how do I create a policy file that defines which PCR(s) I wish to seal the da…
-
We've got manganese chloride (MnCl2) borrowed from the Dedon lab. Also have MnSO4 ordered in.
1. Make up 10 mM stock solution of MnCl2.
2. Set up PCRs (say, PB2 Part 2, which is well within what we ca…
-
I'm working on an Advantech board with Infineon TPM and AMI BIOS where the PCR 10 measurement value is different after each boot, with the same bootloader, kernel and initramfs (no changes made at all…
-
It seems to change between boots.
-
Is there any way I can use the currently implemented tools to seal a key to the pcr state? From looking at the tools, it seems as though "tpm2_create" seals data, but how can I base this on the state …
-
I'd like to use TrustedGRUB2 to seal a key that I can then use to decrypt the root partition automatically. However, in order to properly seal the data, I need to be able to compute the expected PCRs…
-
I'm not sure how folks will feel about this, but throwing it out..
Currently PXE booting fetches a vmlinux, which includes a linked in initramfs (CONFIG_INITRAMFS_SOURCE="bootengine.cpio") which has…
-
Hi,
in order to work around some of the limitations (namely lack of kernel and initrd measurement) mentioned in the readme, Intel TXT could be used. With tboot [1], there exists a measured launch env…
-
Does anyone used this program with Centos (7.2 or later)?