use the new tpmtotp shell scripts

2025-02-20 09:16:21 +00:00 · 2016-09-09 17:24:52 -04:00 · 2016-09-09 17:24:52 -04:00 · 9a85bc22d9
commit 9a85bc22d9
parent 0e16afe17a
2 changed files with 14 additions and 7 deletions
--- a/initrd/init
+++ b/initrd/init
@ -24,18 +24,14 @@ echo
 hwclock -l -s

 # Verify the user's TPM secret
-date
-if [ -r /secret.totp ]; then
-	echo
-	echo -n "Verify TPM PCR: "
-	unsealtotp /secret.totp
-	echo
-else
+echo "TPM TOTP:"
+if ! unsealtotp.sh ; then
 	echo '!!!!!'
 	echo '!!!!! TPM TOTP secret not found.'
 	echo '!!!!! This firmware can not be trusted.'
 	echo '!!!!!'
 fi
+echo
 	

 # Start an interactive shell
--- a/modules/tpmtotp
+++ b/modules/tpmtotp
@ -15,6 +15,11 @@ tpmtotp_dir := tpmtotp-$(tpmtotp_version)
 tpmtotp_output := \
 	sealtotp \
 	unsealtotp \
+	totp \
+	base32 \
+	qrenc \
+	sealtotp.sh \
+	unsealtotp.sh \
 	util/nv \
 	util/nv_definespace \
 	util/nv_readvalue \
@ -26,5 +31,11 @@ tpmtotp_output := \
 	util/physicalpresence \
 	util/physicalsetdeactivated \
 	util/getcapability \
+	util/sealfile2 \
+	util/unsealfile \
+	util/counter_create \
+	util/counter_increment \
+	util/counter_read \
+	util/counter_release \

 tpmtotp_configure :=