shred TOTP_SECRET also when generation is successful

2024-12-18 20:47:55 +00:00 · 2019-02-24 11:11:00 -05:00 · 2019-02-24 11:11:00 -05:00 · 2740317d67
commit 2740317d67
parent 8310a3d62e
1 changed files with 3 additions and 1 deletions
--- a/initrd/bin/seal-totp
+++ b/initrd/bin/seal-totp
@ -44,9 +44,11 @@ if ! tpm sealfile2 \
 	-ix 7 X \
 ; then
 	shred -n 10 -z -u "$TOTP_SECRET" 2> /dev/null
-	 die "Unable to seal secret"
+	die "Unable to seal secret"
 fi

+shred -n 10 -z -u "$TOTP_SECRET" 2> /dev/null
+

 # to create an nvram space we need the TPM owner password
 # and the TPM physical presence must be asserted.