ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-20 21:43:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

shred TOTP_SECRET also when generation is successful

Browse Source
This commit is contained in:
Thierry Laurion 2019-02-24 11:11:00 -05:00
parent 8310a3d62e
commit 2740317d67
No known key found for this signature in database
GPG Key ID: 79C78E6659DB658F
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
initrd/bin/seal-totp
View File

@ -44,9 +44,11 @@ if ! tpm sealfile2 \
-ix 7 X \ -ix 7 X \
; then ; then
shred -n 10 -z -u "$TOTP_SECRET" 2> /dev/null shred -n 10 -z -u "$TOTP_SECRET" 2> /dev/null
die "Unable to seal secret" die "Unable to seal secret"
fi fi
shred -n 10 -z -u "$TOTP_SECRET" 2> /dev/null
# to create an nvram space we need the TPM owner password # to create an nvram space we need the TPM owner password
# and the TPM physical presence must be asserted. # and the TPM physical presence must be asserted.