Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-09 Thread Mimi Zohar
On Wed, 2015-12-09 at 16:24 +0200, Jarkko Sakkinen wrote: > On Tue, Dec 08, 2015 at 06:56:17PM -0500, Mimi Zohar wrote: > > On Tue, 2015-12-08 at 22:24 +0200, Jarkko Sakkinen wrote: > > > On Tue, Dec 08, 2015 at 01:01:02PM +0200, Jarkko Sakkinen wrote: > > > > On Tue, Dec 08, 2015 at 09:35:05AM

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-09 Thread Jarkko Sakkinen
On Tue, Dec 08, 2015 at 06:56:17PM -0500, Mimi Zohar wrote: > On Tue, 2015-12-08 at 22:24 +0200, Jarkko Sakkinen wrote: > > On Tue, Dec 08, 2015 at 01:01:02PM +0200, Jarkko Sakkinen wrote: > > > On Tue, Dec 08, 2015 at 09:35:05AM +1100, James Morris wrote: > > > > On Mon, 7 Dec 2015, Jarkko

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-09 Thread Jarkko Sakkinen
On Tue, Dec 08, 2015 at 06:56:17PM -0500, Mimi Zohar wrote: > On Tue, 2015-12-08 at 22:24 +0200, Jarkko Sakkinen wrote: > > On Tue, Dec 08, 2015 at 01:01:02PM +0200, Jarkko Sakkinen wrote: > > > On Tue, Dec 08, 2015 at 09:35:05AM +1100, James Morris wrote: > > > > On Mon, 7 Dec 2015, Jarkko

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-09 Thread Mimi Zohar
On Wed, 2015-12-09 at 16:24 +0200, Jarkko Sakkinen wrote: > On Tue, Dec 08, 2015 at 06:56:17PM -0500, Mimi Zohar wrote: > > On Tue, 2015-12-08 at 22:24 +0200, Jarkko Sakkinen wrote: > > > On Tue, Dec 08, 2015 at 01:01:02PM +0200, Jarkko Sakkinen wrote: > > > > On Tue, Dec 08, 2015 at 09:35:05AM

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-08 Thread Mimi Zohar
On Tue, 2015-12-08 at 22:24 +0200, Jarkko Sakkinen wrote: > On Tue, Dec 08, 2015 at 01:01:02PM +0200, Jarkko Sakkinen wrote: > > On Tue, Dec 08, 2015 at 09:35:05AM +1100, James Morris wrote: > > > On Mon, 7 Dec 2015, Jarkko Sakkinen wrote: > > > > > > > On Fri, Nov 20, 2015 at 01:34:35PM +1100,

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-08 Thread Jarkko Sakkinen
On Tue, Dec 08, 2015 at 01:01:02PM +0200, Jarkko Sakkinen wrote: > On Tue, Dec 08, 2015 at 09:35:05AM +1100, James Morris wrote: > > On Mon, 7 Dec 2015, Jarkko Sakkinen wrote: > > > > > On Fri, Nov 20, 2015 at 01:34:35PM +1100, James Morris wrote: > > > > On Wed, 18 Nov 2015, Jarkko Sakkinen

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-08 Thread Jarkko Sakkinen
On Tue, Dec 08, 2015 at 09:35:05AM +1100, James Morris wrote: > On Mon, 7 Dec 2015, Jarkko Sakkinen wrote: > > > On Fri, Nov 20, 2015 at 01:34:35PM +1100, James Morris wrote: > > > On Wed, 18 Nov 2015, Jarkko Sakkinen wrote: > > > > > > > On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-08 Thread Jarkko Sakkinen
On Tue, Dec 08, 2015 at 09:35:05AM +1100, James Morris wrote: > On Mon, 7 Dec 2015, Jarkko Sakkinen wrote: > > > On Fri, Nov 20, 2015 at 01:34:35PM +1100, James Morris wrote: > > > On Wed, 18 Nov 2015, Jarkko Sakkinen wrote: > > > > > > > On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-08 Thread Jarkko Sakkinen
On Tue, Dec 08, 2015 at 01:01:02PM +0200, Jarkko Sakkinen wrote: > On Tue, Dec 08, 2015 at 09:35:05AM +1100, James Morris wrote: > > On Mon, 7 Dec 2015, Jarkko Sakkinen wrote: > > > > > On Fri, Nov 20, 2015 at 01:34:35PM +1100, James Morris wrote: > > > > On Wed, 18 Nov 2015, Jarkko Sakkinen

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-08 Thread Mimi Zohar
On Tue, 2015-12-08 at 22:24 +0200, Jarkko Sakkinen wrote: > On Tue, Dec 08, 2015 at 01:01:02PM +0200, Jarkko Sakkinen wrote: > > On Tue, Dec 08, 2015 at 09:35:05AM +1100, James Morris wrote: > > > On Mon, 7 Dec 2015, Jarkko Sakkinen wrote: > > > > > > > On Fri, Nov 20, 2015 at 01:34:35PM +1100,

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-07 Thread James Morris
On Mon, 7 Dec 2015, Jarkko Sakkinen wrote: > On Fri, Nov 20, 2015 at 01:34:35PM +1100, James Morris wrote: > > On Wed, 18 Nov 2015, Jarkko Sakkinen wrote: > > > > > On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote: > > > > On Tue, 17 Nov 2015, Jarkko Sakkinen wrote: > > > > > > > >

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-07 Thread Jarkko Sakkinen
On Fri, Nov 20, 2015 at 01:34:35PM +1100, James Morris wrote: > On Wed, 18 Nov 2015, Jarkko Sakkinen wrote: > > > On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote: > > > On Tue, 17 Nov 2015, Jarkko Sakkinen wrote: > > > > > > > } > > > >

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-07 Thread Jarkko Sakkinen
On Fri, Nov 20, 2015 at 01:34:35PM +1100, James Morris wrote: > On Wed, 18 Nov 2015, Jarkko Sakkinen wrote: > > > On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote: > > > On Tue, 17 Nov 2015, Jarkko Sakkinen wrote: > > > > > > > } > > > >

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-07 Thread James Morris
On Mon, 7 Dec 2015, Jarkko Sakkinen wrote: > On Fri, Nov 20, 2015 at 01:34:35PM +1100, James Morris wrote: > > On Wed, 18 Nov 2015, Jarkko Sakkinen wrote: > > > > > On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote: > > > > On Tue, 17 Nov 2015, Jarkko Sakkinen wrote: > > > > > > > >

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-23 Thread Jarkko Sakkinen
On Tue, Nov 17, 2015 at 06:27:22PM +0200, Jarkko Sakkinen wrote: > Support for sealing with a authorization policy. > > Two new options for trusted keys: > > * 'policydigest=': provide an auth policy digest for sealing. > * 'policyhandle=': provide a policy session handle for unsealing. > >

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-23 Thread Jarkko Sakkinen
On Tue, Nov 17, 2015 at 06:27:22PM +0200, Jarkko Sakkinen wrote: > Support for sealing with a authorization policy. > > Two new options for trusted keys: > > * 'policydigest=': provide an auth policy digest for sealing. > * 'policyhandle=': provide a policy session handle for unsealing. > >

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-21 Thread Jarkko Sakkinen
On Tue, Nov 17, 2015 at 06:27:22PM +0200, Jarkko Sakkinen wrote: > Support for sealing with a authorization policy. > > Two new options for trusted keys: > > * 'policydigest=': provide an auth policy digest for sealing. > * 'policyhandle=': provide a policy session handle for unsealing. I think

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-21 Thread Jarkko Sakkinen
On Tue, Nov 17, 2015 at 06:27:22PM +0200, Jarkko Sakkinen wrote: > Support for sealing with a authorization policy. > > Two new options for trusted keys: > > * 'policydigest=': provide an auth policy digest for sealing. > * 'policyhandle=': provide a policy session handle for unsealing. I think

Re: [tpmdd-devel] [PATCH 2/2] keys, trusted: seal with a policy

2015-11-20 Thread Jarkko Sakkinen
On Thu, Nov 19, 2015 at 10:59:57AM +, Fuchs, Andreas wrote: > > > > From: Jarkko Sakkinen [jarkko.sakki...@linux.intel.com] > > Sent: Tuesday, November 17, 2015 17:27 > > > > Support for sealing with a authorization policy. > > > > Two new options for

Re: [tpmdd-devel] [PATCH 2/2] keys, trusted: seal with a policy

2015-11-20 Thread Jarkko Sakkinen
On Thu, Nov 19, 2015 at 10:59:57AM +, Fuchs, Andreas wrote: > > > > From: Jarkko Sakkinen [jarkko.sakki...@linux.intel.com] > > Sent: Tuesday, November 17, 2015 17:27 > > > > Support for sealing with a authorization policy. > > > > Two new options for

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-19 Thread James Morris
On Wed, 18 Nov 2015, Jarkko Sakkinen wrote: > On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote: > > On Tue, 17 Nov 2015, Jarkko Sakkinen wrote: > > > > > } > > > break; > > > + case Opt_policydigest: > > > + if (!tpm2 || > >

RE: [tpmdd-devel] [PATCH 2/2] keys, trusted: seal with a policy

2015-11-19 Thread Fuchs, Andreas
> > From: Jarkko Sakkinen [jarkko.sakki...@linux.intel.com] > Sent: Tuesday, November 17, 2015 17:27 > > Support for sealing with a authorization policy. > > Two new options for trusted keys: > > * 'policydigest=': provide an auth policy digest for

RE: [tpmdd-devel] [PATCH 2/2] keys, trusted: seal with a policy

2015-11-19 Thread Fuchs, Andreas
> > From: Jarkko Sakkinen [jarkko.sakki...@linux.intel.com] > Sent: Tuesday, November 17, 2015 17:27 > > Support for sealing with a authorization policy. > > Two new options for trusted keys: > > * 'policydigest=': provide an auth policy digest for

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-19 Thread James Morris
On Wed, 18 Nov 2015, Jarkko Sakkinen wrote: > On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote: > > On Tue, 17 Nov 2015, Jarkko Sakkinen wrote: > > > > > } > > > break; > > > + case Opt_policydigest: > > > + if (!tpm2 || > >

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-17 Thread Jarkko Sakkinen
On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote: > On Tue, 17 Nov 2015, Jarkko Sakkinen wrote: > > > } > > break; > > + case Opt_policydigest: > > + if (!tpm2 || > > + strlen(args[0].from) != (2

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-17 Thread James Morris
On Tue, 17 Nov 2015, Jarkko Sakkinen wrote: > } > break; > + case Opt_policydigest: > + if (!tpm2 || > + strlen(args[0].from) != (2 * opt->digest_len)) > + return

[PATCH 2/2] keys, trusted: seal with a policy

2015-11-17 Thread Jarkko Sakkinen
Support for sealing with a authorization policy. Two new options for trusted keys: * 'policydigest=': provide an auth policy digest for sealing. * 'policyhandle=': provide a policy session handle for unsealing. Signed-off-by: Jarkko Sakkinen ---

[PATCH 2/2] keys, trusted: seal with a policy

2015-11-17 Thread Jarkko Sakkinen
Support for sealing with a authorization policy. Two new options for trusted keys: * 'policydigest=': provide an auth policy digest for sealing. * 'policyhandle=': provide a policy session handle for unsealing. Signed-off-by: Jarkko Sakkinen ---

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-17 Thread James Morris
On Tue, 17 Nov 2015, Jarkko Sakkinen wrote: > } > break; > + case Opt_policydigest: > + if (!tpm2 || > + strlen(args[0].from) != (2 * opt->digest_len)) > + return

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-17 Thread Jarkko Sakkinen
On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote: > On Tue, 17 Nov 2015, Jarkko Sakkinen wrote: > > > } > > break; > > + case Opt_policydigest: > > + if (!tpm2 || > > + strlen(args[0].from) != (2