On 18-06-20 23:11:05, Roberts, William C wrote:
Thanks for this pointer. It's very usefull.
You need PCR policy support on top of what that wiki discusses, which
a script test for here: test/integration/tests/unseal.sh
Yeah, i finally managed to get it to work with the latest stable tpm2-tools.
If you need to implement natively, the tools will serve as reference
how to piece it all together.
So far i only need to use the tools. Using the API is not on the roadmap yet.
> -----Original Message-----
> From: tpm2 [mailto:email@example.com] On Behalf Of Petko Manolov
> Sent: Wednesday, June 20, 2018 1:42 PM
> To: tpm2(a)lists.01.org
> Subject: [tpm2] seal and unseal data based on a PCR value
> Hello guys,
> I know this one has been asked many times, but i could not find a definitive
> howto, exact steps, etc.
> This project requires that a piece of data is being sealed to a TPM2 based on a
> PCR value and then unsealed from TBoot. I've harvested some bits an pieces
> from various discussions and still can't build a coherent picture in my mind.
> What would be the best place to start reading up on this?
> tpm2 mailing list