Some weird behavior. I want to make an NV index that is only writeable with owner auth, and only readable with NV index auth.

    tpm_nvdefine -i 68997 -p AUTHREAD -p OWNERWRITE -a Password -o OwnerPassword -r 0 -r 1

doesn't do it. Anyone can read the index. It appears the second -p OWNERWRITE overwrites the permissions set in -p AUTHREAD (silently).

    tpm_nvdefine -i 68997 -p AUTHREAD|OWNERWRITE -a Password -o OwnerPassword -r 0 -r 1

doesn't do it. It doesn't like this command.

So I went to trousers and tried to define it there. It won't let me define it if I have

    Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_PERMISSIONS, 0, TPM_NV_PER_OWNERWRITE | TPM_NV_PER_AUTHREAD);

I can have one or the other, but not both. What gives?
