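// main parses the command-line flags, asks the TPM to create a new AIK and
// writes the returned blob to the file named by -blob. Failures are printed to
// stderr and the process exits with status 1, so provisioning scripts do not
// mistake a failed run for a successful one.
func main() {
	blobname := flag.String("blob", "aikblob", "The name of the file to create")
	tpmname := flag.String("tpm", "/dev/tpm0", "The path to the TPM device to use")
	flag.Parse()

	if err := makeAIK(*tpmname, *blobname); err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
}

// makeAIK opens the TPM device at tpmPath, derives the owner, SRK and AIK auth
// values from the environment, calls tpm.MakeIdentity and stores the result in
// blobPath. It returns an error describing the first step that failed.
func makeAIK(tpmPath, blobPath string) error {
	rwc, err := tpm.OpenTPM(tpmPath)
	if err != nil {
		return fmt.Errorf("Couldn't open the TPM file %s: %s", tpmPath, err)
	}
	// Release the device handle on every return path. The Close error is
	// ignored: nothing further is done with the handle.
	defer rwc.Close()

	// Compute the auth values as needed. Each value is the SHA-1 digest of the
	// corresponding environment variable. An unset or empty variable leaves the
	// value as 20 zero bytes, which offers no protection against other users of
	// the TPM. SHA-1 only maps the passphrase to the 20-byte size; it is not a
	// key-stretching step, so the passphrase itself must be strong.
	// NOTE(review): secrets in environment variables are inherited by child
	// processes and readable by same-user processes on many systems.
	var ownerAuth [20]byte
	if ownerInput := os.Getenv(ownerAuthEnvVar); ownerInput != "" {
		ownerAuth = sha1.Sum([]byte(ownerInput))
	}

	var srkAuth [20]byte
	if srkInput := os.Getenv(srkAuthEnvVar); srkInput != "" {
		srkAuth = sha1.Sum([]byte(srkInput))
	}

	var aikAuth [20]byte
	if aikInput := os.Getenv(aikAuthEnvVar); aikInput != "" {
		aikAuth = sha1.Sum([]byte(aikInput))
	}

	// TODO(tmroeder): add support for Privacy CAs.
	// The two trailing nil arguments are presumably the Privacy-CA inputs the
	// TODO refers to; confirm against tpm.MakeIdentity.
	blob, err := tpm.MakeIdentity(rwc, srkAuth[:], ownerAuth[:], aikAuth[:], nil, nil)
	if err != nil {
		return fmt.Errorf("Couldn't make an new AIK: %s", err)
	}

	// Mode 0600 is applied only when WriteFile creates the file; an existing
	// file at blobPath is truncated and keeps whatever mode it already had.
	if err := ioutil.WriteFile(blobPath, blob, 0600); err != nil {
		return fmt.Errorf("Couldn't write to file %s: %s", blobPath, err)
	}
	return nil
}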
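// main parses the command-line flags and takes ownership of the TPM named by
// -tpm. Failures are printed to stderr and the process exits with status 1, so
// provisioning scripts do not continue as if the TPM had been owned.
func main() {
	tpmname := flag.String("tpm", "/dev/tpm0", "The path to the TPM device to use")
	flag.Parse()

	if err := takeOwnership(*tpmname); err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
}

// takeOwnership opens the TPM device at tpmPath, derives the owner and SRK
// auth values from the environment, reads the public endorsement key and calls
// tpm.TakeOwnership with them. It returns an error describing the first step
// that failed.
func takeOwnership(tpmPath string) error {
	rwc, err := tpm.OpenTPM(tpmPath)
	if err != nil {
		return fmt.Errorf("Couldn't open the TPM file %s: %s", tpmPath, err)
	}
	// Release the device handle on every return path. The Close error is
	// ignored: nothing further is done with the handle.
	defer rwc.Close()

	// Compute the auth values as needed. Each value is the SHA-1 digest of the
	// corresponding environment variable. An unset or empty variable leaves the
	// value as 20 zero bytes, so the TPM would be owned with an auth value that
	// any user of the device can supply. SHA-1 only maps the passphrase to the
	// 20-byte size; it is not a key-stretching step, so the passphrase itself
	// must be strong.
	// NOTE(review): secrets in environment variables are inherited by child
	// processes and readable by same-user processes on many systems.
	var ownerAuth [20]byte
	if ownerInput := os.Getenv(ownerAuthEnvVar); ownerInput != "" {
		ownerAuth = sha1.Sum([]byte(ownerInput))
	}

	var srkAuth [20]byte
	if srkInput := os.Getenv(srkAuthEnvVar); srkInput != "" {
		srkAuth = sha1.Sum([]byte(srkInput))
	}

	pubek, err := tpm.ReadPubEK(rwc)
	if err != nil {
		return fmt.Errorf("Couldn't read the endorsement key: %s", err)
	}

	if err := tpm.TakeOwnership(rwc, ownerAuth, srkAuth, pubek); err != nil {
		return fmt.Errorf("Couldn't take ownership of the TPM: %s", err)
	}
	return nil
}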
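// main parses the command-line flags and clears the TPM named by -tpm using
// owner authorization. Failures are printed to stderr and the process exits
// with status 1, so callers can tell that the clear did not happen.
func main() {
	tpmname := flag.String("tpm", "/dev/tpm0", "The path to the TPM device to use")
	flag.Parse()

	if err := clearOwner(*tpmname); err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
}

// clearOwner opens the TPM device at tpmPath, derives the owner auth value
// from the environment and calls tpm.OwnerClear with it. It returns an error
// describing the first step that failed.
//
// NOTE(review): an owner clear is expected to be destructive for material tied
// to the current owner; confirm the target device path before running.
func clearOwner(tpmPath string) error {
	rwc, err := tpm.OpenTPM(tpmPath)
	if err != nil {
		return fmt.Errorf("Couldn't open the TPM file %s: %s", tpmPath, err)
	}
	// Release the device handle on every return path. The Close error is
	// ignored: nothing further is done with the handle.
	defer rwc.Close()

	// The owner auth value is the SHA-1 digest of the environment variable. An
	// unset or empty variable leaves it as 20 zero bytes, which only succeeds
	// against a TPM that was owned with that same all-zero value.
	// NOTE(review): secrets in environment variables are inherited by child
	// processes and readable by same-user processes on many systems.
	var ownerAuth [20]byte
	if ownerInput := os.Getenv(ownerAuthEnvVar); ownerInput != "" {
		ownerAuth = sha1.Sum([]byte(ownerInput))
	}

	if err := tpm.OwnerClear(rwc, ownerAuth); err != nil {
		return fmt.Errorf("Couldn't clear the TPM using owner auth: %s", err)
	}
	return nil
}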