Imran Desai

icon indicating an email [email protected]

icon company Intel Corporation icon location USA icon location https://www.linkedin.com/in/imranodesai

Results 76 comments of Imran Desai

All pcr missing

@kingod98 did you try a tpm2_pcrextend on the PCR and see if the values toggle? @williamcroberts is right, does the bios image you have enable measured boot?

How to Set Platform Password -- phEnable May not Be SET using hierarchycontrol

Typically, platform hierarchy is closed in the PEI phase of the bios. The hierarchy is enabled and a random value is chosen as a password. An option to issue a...

Encryption Using tss2_ Tools

The size of data sealed is limited to 128 bytes. Can you use a symmetric key instead? The other option is to import the private key into the TPM.

Device attestation does not work with newest tpm2_tools

@simon-pau specifically what errors do you see and with what version of the tools?

The unsealed secret flows through the TPM interface in clear text

> Thank you for sharing your valuable insights. > > I read [Protecting Secrets At Tpm Interface](https://tpm2-software.github.io/2021/02/17/Protecting-secrets-at-TPM-interface.html) article and tried the demo script while capturing packets using [SWTPM](https://github.com/stefanberger/swtpm) simulator. And...

How to execute tpm2_changeeps

Endorsement seeds can only be changed through a firmware update on a real TPM. This is not a normal event and the manufacturer will need to re-certify all the resulting...