init tcg_properties

This commit is contained in:
iadgovuser26 2022-01-26 10:04:07 -05:00
parent 3ca559d72f
commit 79bc90046d
2 changed files with 22 additions and 23 deletions

View File

@ -4,33 +4,43 @@
#
#########################################################################################
set -e
pushd /
pushd / > /dev/null
echo "Setting up TPM emulator for the TPM2 Provisioner"
# Function to make and install TPM 2.0 Provisioner packages
function InstallProvisioner {
echo "===========Installing TPM 2.0 Provisioner Packages...==========="
pushd /HIRS
pushd /HIRS > /dev/null
echo "Building the HIRS Provisioner ..."
mkdir -p /HIRS/logs/provisioner/
sh package/package.centos.sh &> /HIRS/logs/provisioner/provisioner_build.log
echo "Installing the HIRS Provisioner ..."
yum install -y package/rpm/RPMS/x86_64/HIRS_Provisioner_TPM_2_0*.el7.x86_64.rpm
popd
popd > /dev/null
}
# use ibm tss to properly clear tpm pcr values
function setTpmPcrValues {
mkdir /ibmtss
pushd /ibmtss
pushd /ibmtss > /dev/null
echo "Installing IBM TSS to set the TPM simulator intial values correctly..."
wget --no-check-certificate https://downloads.sourceforge.net/project/ibmtpm20tss/ibmtss1.5.0.tar.gz > /dev/null
tar -zxvf ibmtss1.5.0.tar.gz > /dev/null
cd utils
make -f makefiletpmc > /dev/null
cd ../utils
./startup
popd
./startup
popd > /dev/null
}
# Set default values tcg_boot_properties
function setTcgProperties {
propFile="/etc/hirs/tcg_boot.properties";
echo "tcg.rim.dir=/boot/tcg/manifest/rim/" > $propFile;
echo "tcg.swidtag.dir=/boot/tcg/manifest/swidtag/" >> $propFile;
echo "tcg.cert.dir=/boot/tcg/cert/platform/" >> $propFile;
echo "tcg.event.file=/sys/kernel/security/tpm0/binary_bios_measurements" >> $propFile;
}
# Function to initialize the TPM 2.0 Emulator
@ -136,7 +146,7 @@ function WaitForAca {
# Wait for ACA to boot
echo "Waiting for ACA to spin up at address ${HIRS_ACA_PORTAL_IP} on port ${HIRS_ACA_PORTAL_PORT} ..."
until [ "`curl --silent --connect-timeout 1 -I -k https://${HIRS_ACA_PORTAL_IP}:${HIRS_ACA_PORTAL_PORT}/HIRS_AttestationCAPortal | grep '302 Found'`" != "" ]; do
sleep 5;
sleep 1;
#echo "Checking on the ACA..."
done
echo "ACA is up!"
@ -152,6 +162,11 @@ InstallProvisioner
echo "TPM2 Provisioner container running:"
echo "Contents of /etc/hirs is $(ls -al /etc/hirs)";
setTcgProperties
echo "TPM2 Provisioner container running:"
echo "Contents of /etc/hirs is $(ls -al /etc/hirs)";
# Install TPM 2.0 Emulator
InitTpm2Emulator

View File

@ -19,25 +19,10 @@ echo "Test is using RIM files from $profile : $test"
# update tcg_boot.properties to use test specific binary_bios_measurement file
eventLog="$testDir"/"$profile"_"$test"_binary_bios_measurements
propFile="/etc/hirs/tcg_boot.properties";
#echo "propFile = $propFile"
# tcg_boot_properties is being erased, so recreate for now ......
#echo "tcg.rim.dir=/boot/tcg/manifest/rim/" > $propFile;
#echo "tcg.swidtag.dir=/boot/tcg/manifest/swidtag/" >> $propFile;
#echo "tcg.cert.dir=/boot/tcg/cert/platform/" >> $propFile;
#echo "tcg.event.file=/sys/kernel/security/tpm0/binary_bios_measurements" >> $propFile;
#echo "eventLog = $eventLog"
#echo "Contents of /etc/hirs is $(ls -al /etc/hirs)";
#echo "Contents of $propFile before sed is $(cat $propFile)";
sed -i "s:tcg.event.file=.*:tcg.event.file=$eventLog:g" "$propFile"
#echo "Contents of $propFile after sed is $(cat $propFile)";
#echo "======================"
#echo "Contents of/boot/tcg/cert/platform/ is $(ls /boot/tcg/cert/platform/) : "
# Step 2: Copy Base RIM files to the TCG folder
pushd $testDir/swidtags/ > /dev/null
@ -62,7 +47,6 @@ popd > /dev/null
# echo "Contents of tcg rim folder tcgDir/manifest/rim/: $(ls $tcgDir/manifest/rim/)"
#Step 4, run the setpcr script to make the TPM emulator hold values that correspond the binary_bios_measurement file
#echo "Setting PCR register 0 - 23 for test $profile : $test"
sh $testDir/"$profile"_"$test"_setpcrs.sh
#tpm2_pcrlist -g sha256