[tpm2] Re: Is there a way to get the name for an NV index in tpm2

All of lore.kernel.org
 help / color / mirror / Atom feed

* [tpm2] Re: Is there a way to get the name for an NV index in tpm2_tools?
@ 2019-11-25 23:02 Roberts, William C
  0 siblings, 0 replies; 7+ messages in thread
From: Roberts, William C @ 2019-11-25 23:02 UTC (permalink / raw)
  To: tpm2

[-- Attachment #1: Type: text/plain, Size: 708 bytes --]

> -----Original Message-----
> From: Steven Clark [mailto:davolfman(a)gmail.com]
> Sent: Monday, November 25, 2019 10:56 AM
> To: Roberts, William C <william.c.roberts(a)intel.com>
> Cc: tpm2(a)lists.01.org
> Subject: Re: [tpm2] Is there a way to get the name for an NV index in
> tpm2_tools?
> 
> 4.0.0 and 4.1.0rc1 when I've chosen to install it for testing.  So no -c option in

That went away in 4.0 and is now just an argument to tpm2_getcap. So just remove -c and it should work.

> getcap anymore.  Besides, I'm looking for the name of an NV index not a key or
> sealed "keyed hash", so there's no context blob.

Ahh ok, nv index. Currently not output, but that’s an easy fix.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [tpm2] Re: Is there a way to get the name for an NV index in tpm2_tools?
@ 2019-11-27 23:27 Steven Clark
  0 siblings, 0 replies; 7+ messages in thread
From: Steven Clark @ 2019-11-27 23:27 UTC (permalink / raw)
  To: tpm2

[-- Attachment #1: Type: text/plain, Size: 145 bytes --]

Even if I don't end up needing it immediately just seeing a patch like that gives me a better idea how the tools sources are structured.  Thanks.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [tpm2] Re: Is there a way to get the name for an NV index in tpm2_tools?
@ 2019-11-25 23:52 Roberts, William C
  0 siblings, 0 replies; 7+ messages in thread
From: Roberts, William C @ 2019-11-25 23:52 UTC (permalink / raw)
  To: tpm2

[-- Attachment #1: Type: text/plain, Size: 1454 bytes --]

This patch should do what you want:

https://github.com/williamcroberts/tpm2.0-tools/commit/d69fcfb0c05141fac1668f4b2a9665041ab13e73

Ill get this cleaned up and merged to tools

> -----Original Message-----
> From: Roberts, William C [mailto:william.c.roberts(a)intel.com]
> Sent: Monday, November 25, 2019 5:02 PM
> To: Steven Clark <davolfman(a)gmail.com>
> Cc: tpm2(a)lists.01.org
> Subject: [tpm2] Re: Is there a way to get the name for an NV index in
> tpm2_tools?
> 
> 
> 
> > -----Original Message-----
> > From: Steven Clark [mailto:davolfman(a)gmail.com]
> > Sent: Monday, November 25, 2019 10:56 AM
> > To: Roberts, William C <william.c.roberts(a)intel.com>
> > Cc: tpm2(a)lists.01.org
> > Subject: Re: [tpm2] Is there a way to get the name for an NV index in
> > tpm2_tools?
> >
> > 4.0.0 and 4.1.0rc1 when I've chosen to install it for testing.  So no
> > -c option in
> 
> That went away in 4.0 and is now just an argument to tpm2_getcap. So just
> remove -c and it should work.
> 
> > getcap anymore.  Besides, I'm looking for the name of an NV index not
> > a key or sealed "keyed hash", so there's no context blob.
> 
> Ahh ok, nv index. Currently not output, but that’s an easy fix.
> 
> _______________________________________________
> tpm2 mailing list -- tpm2(a)lists.01.org
> To unsubscribe send an email to tpm2-leave(a)lists.01.org
> %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [tpm2] Re: Is there a way to get the name for an NV index in tpm2_tools?
@ 2019-11-25 16:56 Steven Clark
  0 siblings, 0 replies; 7+ messages in thread
From: Steven Clark @ 2019-11-25 16:56 UTC (permalink / raw)
  To: tpm2

[-- Attachment #1: Type: text/plain, Size: 214 bytes --]

4.0.0 and 4.1.0rc1 when I've chosen to install it for testing.  So no -c
option in getcap anymore.  Besides, I'm looking for the name of an NV index
not a key or sealed "keyed hash", so there's no context blob.

[-- Attachment #2: attachment.html --]
[-- Type: text/html, Size: 257 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [tpm2] Re: Is there a way to get the name for an NV index in tpm2_tools?
@ 2019-11-25 16:47 Roberts, William C
  0 siblings, 0 replies; 7+ messages in thread
From: Roberts, William C @ 2019-11-25 16:47 UTC (permalink / raw)
  To: tpm2

[-- Attachment #1: Type: text/plain, Size: 971 bytes --]

tpm2_getcapability -c primary.ctx:
name: 000b914a1abc3f6b71166e4b8d3a02ee338524bb5b82a7c9e1a59f28dc97f7f2fd0c
qualified name: 000bdb4f165a0db93bc1cccbc5266f69ceaafe1bf96bcab11ca73d6f155a15a66591
name-alg:
  value: sha256
  raw: 0xb
<snip>

What version of the tools are you on as reported by the -V option?


> -----Original Message-----
> From: Steven Clark [mailto:davolfman(a)gmail.com]
> Sent: Friday, November 22, 2019 4:04 PM
> To: Roberts, William C <william.c.roberts(a)intel.com>
> Cc: tpm2(a)lists.01.org
> Subject: Re: [tpm2] Is there a way to get the name for an NV index in
> tpm2_tools?
> 
> That's what I thought, but it doesn't.  I provides the handle, attributes, and policy
> hash, but not the Name.
> If I read the spec right the contents of the index are part of the hash so I don't
> think this is even enough information to compute the Name.  And manually
> computing a Name is beyond my trust in my own abilities right now.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [tpm2] Re: Is there a way to get the name for an NV index in tpm2_tools?
@ 2019-11-22 22:03 Steven Clark
  0 siblings, 0 replies; 7+ messages in thread
From: Steven Clark @ 2019-11-22 22:03 UTC (permalink / raw)
  To: tpm2

[-- Attachment #1: Type: text/plain, Size: 337 bytes --]

That's what I thought, but it doesn't.  I provides the handle,
attributes, and policy hash, but not the Name.
If I read the spec right the contents of the index are part of the
hash so I don't think this is even enough
information to compute the Name.  And manually computing a Name is
beyond my trust in my own abilities right now.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [tpm2] Re: Is there a way to get the name for an NV index in tpm2_tools?
@ 2019-11-21 21:57 Roberts, William C
  0 siblings, 0 replies; 7+ messages in thread
From: Roberts, William C @ 2019-11-21 21:57 UTC (permalink / raw)
  To: tpm2

[-- Attachment #1: Type: text/plain, Size: 819 bytes --]

tpm2_nvreadpublic should do what you want

> -----Original Message-----
> From: Steven Clark [mailto:davolfman(a)gmail.com]
> Sent: Thursday, November 21, 2019 12:48 PM
> To: tpm2(a)lists.01.org
> Subject: [tpm2] Is there a way to get the name for an NV index in tpm2_tools?
> 
> I can't seem to find a way to to get the name for an NV index using any of the
> tpm2_tools, at least in 4.x .  Does one of these commands let me see it the way
> tpm2_readpublic does for persistent objects and context blobs?  Or is there a
> way to get a name out of the initial write to the handle like tpm2_load?
> _______________________________________________
> tpm2 mailing list -- tpm2(a)lists.01.org
> To unsubscribe send an email to tpm2-leave(a)lists.01.org
> %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2019-11-27 23:27 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-11-25 23:02 [tpm2] Re: Is there a way to get the name for an NV index in tpm2_tools? Roberts, William C
  -- strict thread matches above, loose matches on Subject: below --
2019-11-27 23:27 Steven Clark
2019-11-25 23:52 Roberts, William C
2019-11-25 16:56 Steven Clark
2019-11-25 16:47 Roberts, William C
2019-11-22 22:03 Steven Clark
2019-11-21 21:57 Roberts, William C

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.