Esempio n. 1
0
func main() {
	var blobname = flag.String("blob", "aikblob", "The name of the file to create")
	var tpmname = flag.String("tpm", "/dev/tpm0", "The path to the TPM device to use")
	flag.Parse()

	rwc, err := tpm.OpenTPM(*tpmname)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Couldn't open the TPM file %s: %s\n", *tpmname, err)
		return
	}

	// Compute the auth values as needed.
	var ownerAuth [20]byte
	ownerInput := os.Getenv(ownerAuthEnvVar)
	if ownerInput != "" {
		oa := sha1.Sum([]byte(ownerInput))
		copy(ownerAuth[:], oa[:])
	}

	var srkAuth [20]byte
	srkInput := os.Getenv(srkAuthEnvVar)
	if srkInput != "" {
		sa := sha1.Sum([]byte(srkInput))
		copy(srkAuth[:], sa[:])
	}

	var aikAuth [20]byte
	aikInput := os.Getenv(aikAuthEnvVar)
	if aikInput != "" {
		aa := sha1.Sum([]byte(aikInput))
		copy(aikAuth[:], aa[:])
	}

	// TODO(tmroeder): add support for Privacy CAs.
	blob, err := tpm.MakeIdentity(rwc, srkAuth[:], ownerAuth[:], aikAuth[:], nil, nil)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Couldn't make an new AIK: %s\n", err)
		return
	}

	if err := ioutil.WriteFile(*blobname, blob, 0600); err != nil {
		fmt.Fprintf(os.Stderr, "Couldn't write to file %s: %s\n", *blobname, err)
		return
	}

	return
}
Esempio n. 2
0
func main() {
	var tpmname = flag.String("tpm", "/dev/tpm0", "The path to the TPM device to use")
	flag.Parse()

	rwc, err := tpm.OpenTPM(*tpmname)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Couldn't open the TPM file %s: %s\n", *tpmname, err)
		return
	}

	// Compute the auth values as needed.
	var ownerAuth [20]byte
	ownerInput := os.Getenv(ownerAuthEnvVar)
	if ownerInput != "" {
		oa := sha1.Sum([]byte(ownerInput))
		copy(ownerAuth[:], oa[:])
	}

	var srkAuth [20]byte
	srkInput := os.Getenv(srkAuthEnvVar)
	if srkInput != "" {
		sa := sha1.Sum([]byte(srkInput))
		copy(srkAuth[:], sa[:])
	}

	pubek, err := tpm.ReadPubEK(rwc)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Couldn't read the endorsement key: %s\n", err)
		return
	}

	if err := tpm.TakeOwnership(rwc, ownerAuth, srkAuth, pubek); err != nil {
		fmt.Fprintf(os.Stderr, "Couldn't take ownership of the TPM: %s\n", err)
		return
	}

	return
}
Esempio n. 3
0
func main() {
	var tpmname = flag.String("tpm", "/dev/tpm0", "The path to the TPM device to use")
	flag.Parse()

	rwc, err := tpm.OpenTPM(*tpmname)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Couldn't open the TPM file %s: %s\n", *tpmname, err)
		return
	}

	var ownerAuth [20]byte
	ownerInput := os.Getenv(ownerAuthEnvVar)
	if ownerInput != "" {
		oa := sha1.Sum([]byte(ownerInput))
		copy(ownerAuth[:], oa[:])
	}
	if err := tpm.OwnerClear(rwc, ownerAuth); err != nil {
		fmt.Fprintf(os.Stderr, "Couldn't clear the TPM using owner auth: %s\n", err)
		return
	}

	return
}