#155 Owner Evict keys aren't handled correctly

Bug
open-accepted
5
2012-09-26
2012-06-13
Kent Yoder
No

As reported by Dave Challener:

Based on the spec, Tspi_Context_GetKeyByUUID should be used to query for an ownerevict key in the TPM. That API calls TCS, which checks disk, then needs to check its list of ownerevict uuids based on the loaded keys it should have seen at tcsd startup time. The issue is in the case that the ownerevict key requires auth -- the tcsd can't get its public key out of the TPM by itself. It could return just a handle back to Tspi, but that looks like it's going to force a bunch of changes to tspi - tcs would return a handle with absolutely no info on what that handle's key's properties are. Right now, the trousers tspi layer can't handle that case without a lot of updates.

Discussion

  • Kent Yoder - 2012-09-26

    TODO 0.3.11

  • Kent Yoder - 2012-09-26
    • status: open --> open-accepted
