Re: [TrouSerS-tech] [PATCH v2 1/2] [TPM-TOOLS] Add tools for accessing NVRAM areas

Fri, 08 Jul 2011 14:09:36 -0700 

> From: Kent Yoder [mailto:[email protected]]
> Sent: Friday, July 08, 2011 2:07 PM
> 
> Sorry for the ongoing review Stefan,
> 
> > +++ tpm-tools/src/tpm_mgmt/tpm_nvdefine.c
> [cut]
> > +
> > +       if (ownerpass || ownerWellKnown) {
> > +               if (policyGet(hTpm, &hTpmPolicy) != TSS_SUCCESS)
> > +                       goto out_close;
> > +               if (ownerpass) {
> > +                       if (opswd_len < 0)
> > +                               opswd_len = strlen(ownerpass);
> > +                       if (policySetSecret(hTpmPolicy, opswd_len,
> > +                                           (BYTE *)ownerpass) !=
> > + TSS_SUCCESS)
> > +                               goto out_close;
> > +               } else {
> > +                       if (policySetSecret(hTpmPolicy,
> > + TCPA_SHA1_160_HASH_LEN,
> > +                                           (BYTE *)well_known_secret)
> > + != TSS_SUCCESS)
> > +                               goto out_close;
> > +               }
> > +       }
> 
>  Since ownerauth is required for define space we should throw an error here.

If the TPM NV is not locked then ownerauth is not required.  It would be nice 
if the tools could support pre-lock provisioning so that they could be used on 
a manufacturing line.

> > +
> > +       if (askDataPass) {
> > +               datapass = _GETPASSWD(_("Enter NVRAM data password:
> > + "), &dpswd_len,
> > +                       FALSE, useUnicode );
> 
>   Let's set confirm to TRUE here, so that the user doesn't accidentally enter 
> a bad password.
> 
> Kent
> 
> ------------------------------------------------------------------------------
> All of the data generated in your IT infrastructure is seriously valuable.
> Why? It contains a definitive record of application performance, security 
> threats, fraudulent
> activity, and more. Splunk takes this data and makes sense of it. IT sense. 
> And common sense.
> http://p.sf.net/sfu/splunk-d2d-c2
> _______________________________________________
> TrouSerS-tech mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/trousers-tech

------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security 
threats, fraudulent activity, and more. Splunk takes this data and makes 
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
TrouSerS-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-tech

Reply via email to