heads/initrd
Kyle Rankin fe34aba719
Store HOTP counter directly in /boot instead of TPM
The HOTP counter isn't a secret but is just used to prevent replay
attacks (the time-based counter in TOTP isn't a secret either) so it
doesn't need to be protected in the TPM and storing it as a TPM
monotonic counter was causing conflicts with the Heads configuration
counter as TPM 1.2 can only increment one counter per reboot.

This change moves the HOTP counter into the file in /boot that was
previously keeping track of the TPM counter id.
2018-06-20 09:20:39 -07:00
..
bin Store HOTP counter directly in /boot instead of TPM 2018-06-20 09:20:39 -07:00
etc Add Librem Key support to Heads 2018-06-19 12:27:27 -07:00
sbin "$@" does not expand correctly in test expressions, use "$*" instead (issue ) 2017-04-11 06:31:25 -04:00
.ash_history preload the recovery shell command line history 2016-09-26 13:51:10 -04:00
init Read and measure an EFI file into initrd during init 2018-04-29 19:58:44 -07:00
mount-boot extract and verify gpg signature on the boot script 2016-08-06 17:13:22 -04:00