Re: [PATCH v4 0/7] add integrity and security to TPM2 transactions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2018-10-22 at 11:50 -0400, Ken Goldman wrote:
> On 10/22/2018 10:18 AM, James Bottomley wrote:
> > > 1 - Any policy that requires a password (policypassword) can
> > > substitute
> > > an HMAC (policyauthvalue) at the callers discretion.  They result
> > > in the same policy digest.
> > 
> > Right but this requires the co-operation of the policy handle
> > creator, so it's an API change.
> > 
> 
> In case it wasn't clear:  The choice is not made at the time the
> policy is calculated, nor is it made at startauthsession (when
> the policy is created).
> 
> The choice is made when the policy is being satisfied.
> 
> policypassword tells the TPM to expect a plaintext password, while
> policyauthvalue tells the TPM to expect an HMAC.
> 
> It's subtle that either policy command results in the same policy
> digest.

I understand, but the API just has a policy handle from a fully
constructed policy passed in.  There's no way to deconstruct this even
to know if it has auth requirements and what type.  To get that info we
 have to see the policy commands that go into building up the policy
session ... this means the API needs to change.

James




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux