ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-18 20:47:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

gui-init: warn the user when sealing measurements through TOTP/HOTP requires TPM reset

Browse Source
This commit is contained in:
Thierry Laurion 2023-01-19 14:58:21 -05:00
parent f2ba6679ca
commit e00280e663
No known key found for this signature in database
GPG Key ID: E7B4A71658E36A93
1 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
initrd/bin/gui-init
View File

@ -149,17 +149,20 @@ prompt_update_checksums()
generate_totp_htop() generate_totp_htop()
{ {
echo "Scan the QR code to add the new TOTP secret" echo "Scan the QR code to add the new TOTP secret"
/bin/seal-totp "$BOARD_NAME" if /bin/seal-totp "$BOARD_NAME"; then
if [ -x /bin/hotp_verification ]; then if [ -x /bin/hotp_verification ]; then
echo "Once you have scanned the QR code, hit Enter to configure your HOTP USB Security Dongle (e.g. Librem Key or Nitrokey)" echo "Once you have scanned the QR code, hit Enter to configure your HOTP USB Security Dongle (e.g. Librem Key or Nitrokey)"
read read
/bin/seal-hotpkey /bin/seal-hotpkey
else
echo "Once you have scanned the QR code, hit Enter to continue"
read
fi
# clear screen
printf "\033c"
else else
echo "Once you have scanned the QR code, hit Enter to continue" warn "Sealing of measurements inside of TPM failed. You might want to take ownership of TPM by resetting it."
read
fi fi
# clear screen
printf "\033c"
} }
update_totp() update_totp()