On 08/09/12 20:37, Kent Yoder wrote: > Hi Joanna, > >> > Unfortunately, the datasheet, nor any other document I was able to find, >> > tells how one could retrieve such a certificate out of the TPM's NV >> > memory. And ideally that this worked for all the TPMs from all sorts of >> > vendors... > This info lives in the TPM Main Structures spec, section 19.1.2, > under NV Reserved index values: > > 0x0000F000 TPM_NV_INDEX_EKCert > > Reading this NV index should get you the EK Cert if the vendor supports it.
Thanks! Is there any command line tool (perhaps one of the tboot tools) that could let me read it and save it in a nice format, e.g. x509, so I can later analyze it using e.g. openssl? joanna.
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
