mirror of
https://github.com/linuxboot/heads.git
synced 2024-12-19 04:57:55 +00:00
22 lines
472 B
Bash
Executable File
22 lines
472 B
Bash
Executable File
#!/bin/bash
|
|
# Retrieve the sealed file from the NVRAM, unseal it and compute the totp
|
|
|
|
. /etc/functions
|
|
|
|
TOTP_SECRET="/tmp/secret/totp.key"
|
|
|
|
TRACE "Under /bin/unseal-totp"
|
|
|
|
if [ "$CONFIG_TPM" = "y" ]; then
|
|
tpmr unseal 4d47 0,1,2,3,4,7 312 "$TOTP_SECRET" ||
|
|
die "Unable to unseal TOTP secret"
|
|
fi
|
|
|
|
if ! totp -q <"$TOTP_SECRET"; then
|
|
shred -n 10 -z -u "$TOTP_SECRET" 2>/dev/null
|
|
die 'Unable to compute TOTP hash?'
|
|
fi
|
|
|
|
shred -n 10 -z -u "$TOTP_SECRET" 2>/dev/null
|
|
exit 0
|