mirror of https://github.com/systemd/systemd.git synced 2025-03-11 20:58:27 +03:00

tpm2-util: load external key into NULL hierarchy if private key is provided

If we load an external key into the TPM we must do so in the NULL
hierarchy. An external key after all is one that is not wrapped by any
hierarchy's seed.

See TPM2 spec, Part 3, Section 12.3.1
Lennart Poettering 2024-04-16 15:01:41 +02:00
parent d0f8da9815
commit 371b594414

@ -2242,9 +2242,9 @@ static int tpm2_load_external(
#if HAVE_TSS2_ESYS3
/* tpm2-tss >= 3.0.0 requires a ESYS_TR_RH_* constant specifying the requested
* hierarchy, older versions need TPM2_RH_* instead. */
ESYS_TR_RH_OWNER,
private ? ESYS_TR_RH_NULL : ESYS_TR_RH_OWNER,
#else
TPM2_RH_OWNER,
private ? TPM2_RH_NULL : TPM2_RH_OWNER,
#endif
&handle->esys_handle);
if (rc != TSS2_RC_SUCCESS)
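
Review bot: the comment above the hierarchy argument in tpm2_load_external() still only covers the ESYS_TR_RH_* versus TPM2_RH_* distinction, and nothing at the new `private ? ... : ...` expression says why a supplied private part selects the NULL hierarchy. Suggest adding a line to that comment stating that a key loaded with its private part must go into the NULL hierarchy, citing TPM2 spec Part 3, Section 12.3.1 as the commit message does, so the conditional is not later collapsed back to the owner hierarchy. The public-only case keeps the owner hierarchy in both the `#if HAVE_TSS2_ESYS3` and `#else` branches; if that is intentional, the same comment is the place to say so. Since the identical condition now appears in both branches, it would also be worth checking that any future change touches both.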