You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have some TPM1.2 machines that do not seem to come with an EK certificate. They have an Intel discrete TPM but Intel's HTTP interface returns just 404 and attempts to write a dummy EK certificate to the NVRAM also fail. Would you be interested in a pull request that makes the self-test work on such machines? I understood that TPM1.2 support was in maintenance-only mode now so I thought I'd ask before spending too much time polishing a PR.
I got this to work by modifying eks() in tpm12_linux.go to read the EK directly from the TPM if reading the EK certificate from NVRAM fails. This required also adding two functions to go-tspi to read the EK from the TPM.
The text was updated successfully, but these errors were encountered:
I have some TPM1.2 machines that do not seem to come with an EK certificate. They have an Intel discrete TPM but Intel's HTTP interface returns just 404 and attempts to write a dummy EK certificate to the NVRAM also fail. Would you be interested in a pull request that makes the self-test work on such machines? I understood that TPM1.2 support was in maintenance-only mode now so I thought I'd ask before spending too much time polishing a PR.
I got this to work by modifying eks() in tpm12_linux.go to read the EK directly from the TPM if reading the EK certificate from NVRAM fails. This required also adding two functions to go-tspi to read the EK from the TPM.
The text was updated successfully, but these errors were encountered: