Hello, I want to seal data (a passphrase) to PCR >15. # tpm_nvdefine -i 1 -s 6 p -r 18 -w 18 --permissions="AUTHWRITE" -z Cannot seal NVRAM area to PCR > 15
Why is this not possible? I want to seal to Intel TXT generated PCRs and this doesn't sound right... should I recompile with this check commented out and try? How to get around it? Do I have to use tpm_sealdata (for example) which does not have this limitation but requires a blob and a SRK? I'd like to avoid that if at all possible. In case I need to use tpm_sealdata, how much is system.data going to differ between various systems and when? Will a simple one work for this one purpose assuming I don't have more keys than the default one? Thanks Jan ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
