git.proxmox.com Git - swtpm.git/commit

author	Stefan Berger <stefanb@linux.vnet.ibm.com>
	Mon, 14 May 2018 13:03:09 +0000 (09:03 -0400)
committer	Stefan Berger <stefanb@linux.vnet.ibm.com>
	Mon, 14 May 2018 13:22:11 +0000 (09:22 -0400)
commit	2fe082cde64d1de81e4eff942a634862c617e667
tree	1c7a0c444bbf91b9c660eff83837e9b1af07054d	tree
parent	a6e219a6cb499c70a72308026b2d078cfd05b486	commit \| diff

Use TPMLIB_SetState to set state blobs

Rather than writing to files directly and having to validate the state in
those files using TPMLIB_ValidatetState(), we now use the new
TPMLIB_SetState() call to set the TPM's state blobs. The advantage of this
call is that it doesn't overwrite state files and ends up leaving state in
files that the TPM cannot use. Instead, it validates the state immediately
when the blob is set and returns an error in case the state cannot be
accepted.

We need to adapt one test case that now gets a failure earlier than before.
Before the TPM_INIT failed, now setting the encrypted blob fails because it
cannot be decrypted and thus cannot be accepted by the TPM.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>

src/swtpm/ctrlchannel.c		diff \| blob \| blame \| history
src/swtpm/cuse_tpm.c		diff \| blob \| blame \| history
src/swtpm/swtpm_nvfile.c		diff \| blob \| blame \| history
src/swtpm/swtpm_nvfile.h		diff \| blob \| blame \| history
src/swtpm/tpmlib.c		diff \| blob \| blame \| history
src/swtpm/tpmlib.h		diff \| blob \| blame \| history
tests/_test_migration_key		diff \| blob \| blame \| history