heads/initrd
Jonathon Hall e6acaad215
tpmr: Fix sealing/unsealing file with both PCRs and passwords
When sealing/unsealing with a password, use a policy including both the
specified PCRs and the object password.  Fixes sealing and unsealing
disk unlock key.

tpm2 seems to have a bug in parameter decryption when using a policy
session and password in this way; disable encryption in the policy
session as a workaround.

Flags still need to be set on the sealed object correctly, as the
password is normally allowed on its own as an alternative to policy
auth.

Add -Q to some tpm2 invocations to silence diagnostics on stdout.

Pass filename for unsealed secret rather than capturing from stdout
for robustness against tpm2 diagnostics on stdout.

Fix unseal result check in kexec-unseal-key.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2023-03-08 12:45:48 -05:00
.gnupg instruct gpg to use gpg-agent. 2019-01-29 11:16:13 -05:00
bin tpmr: Fix sealing/unsealing file with both PCRs and passwords 2023-03-08 12:45:48 -05:00
etc Add DEBUG traces and have TPM2 boards enable TRACE and DEBUG calls 2023-03-08 12:45:47 -05:00
run/cryptsetup [WIP] cross build json-c and cryptsetup 2020-10-28 15:28:05 +02:00
sbin Add dual support for real bash and busybox's bash(ash) 2023-03-08 12:45:44 -05:00
.ash_history GPG2 required changes for key and trustdb generation and inclusion in rom 2019-01-29 11:18:11 -05:00
init tpm2-tools: Change sense of CONFIG_TPM to mean any TPM, not just TPM1. 2023-03-08 12:45:46 -05:00
mount-boot Add dual support for real bash and busybox's bash(ash) 2023-03-08 12:45:44 -05:00