Sorry for such a dreadful title, but I'm not sure how to be more descriptive. I'm hoping some of the more gurutastic out there can take a look at a solution I came up with to a problem, and advice if there are better ways to have gone about it.
To make a long story short around 20K pieces of... (2 Replies)
I'm trying to understand if it's possible to create a set of variables that are numbered based on another variable (using eval) in a loop, and then call on it before the loop ends.
As an example I've written a script called question (The fist command is to show what is the contents of the... (2 Replies)
Hi Im running this script, which is supposed to find the max value build some tables and then stop running once all the tables are built. Thing is , it keeps assigning a null value to $h and then $g is null so it keep building tables i.e. testupdateNUL. How can I stop this? Here is what I have:
... (4 Replies)
Hi all
Sorry for the basic question, but i am writing a shell script to get around a slightly flaky binary that ships with one of our servers. This particular utility randomly generates the correct information and could work first time or may work on the 12th or 100th attempt etc !.... (4 Replies)
Hi,
hope I am posting in the right section.
My problem is that I have 2 or more arguments passed and I want to check if the arguments passed exists or not.
The first argument should not exist and the remaining others should exist.
example:
./shells.sh argument1 argument2 argument3
... (5 Replies)
Hi, I was debating if I should put this in the dummies or scripts section, I apologize in advance if I chose poorly.
Fairly new to Unix and BASH scripting but I thought I made it fairly well given my limited understanding. However, the output indicates that it's looping and I'm ending up with a... (5 Replies)
Hello All,
Maybe I'm Missing something here but I have NOOO idea what the heck is going on with this....?
I have a Variable that contains a PATTERN of what I'm considering "Illegal Characters". So what I'm doing is looping
through a string containing some of these "Illegal Characters". Now... (5 Replies)
Hi,
I want to read file multiple times. Right now i am using while loop but that is not working.
ex.
While read line
do
while read line2
do
echo stmt1
#processing some data based on data.,
done < file2.txt
done < file1.txt # This will have 10... (4 Replies)
Hi all,
i developed a script to measure the uptime of a process in a Solaris 10/11 environments.
All is well, but i came across a situation where there are multiple processes of the same name. Basically i have the following result file:
beVWARS 13357 19592122
beVWARS 14329 19591910... (4 Replies)
Discussion started by: nms
4 Replies
LEARN ABOUT CENTOS
tpm_quote_tools
TPM QUOTE TOOLS(8) TPM QUOTE TOOLS(8)NAME
TPM Quote Tools
PROGRAMS
tpm_mkuuid, tpm_mkaik, tpm_loadkey, tpm_unloadkey, tpm_getpcrhash, tpm_updatepcrhash, tpm_getquote, tpm_verifyquote
DESCRIPTION
TPM Quote Tools is a collection of programs that provide support for TPM based attestation using the TPM quote operation.
A TPM contains a set of Platform Configuration Registers (PCRs). In a well configured machine, some of these registers are set to known
values during the boot up process or at other times. For example, a PCR might contain the hash of a boot loader in memory before it is
run.
The TPM quote operation is used to authoritatively verify the contents of a TPM's Platform Configuration Registers (PCRs). During provi-
sioning, a composite hash of a selected set of PCRs is computed. The TPM quote operation produces a composite hash that can be compared
with the one computed while provisioning.
To use the TPM quote operation, keys must be generated. During provisioning, an Attestation Identity Key (AIK) is generated for each TPM,
and the public part of the key is made available to entities that validate quotes.
The TPM quote operation returns signed data and a signature. The data that is signed contains the PCRs selected for the operation, the
composite hash for the selected PCRs, and a nonce provided as input, and used to prevent replay attacks. At provisioning time, the data
that is signed is stored, not just the composite hash. The signature is discarded.
An entity that wishes to evaluate a machine generates a nonce, and sends it along with the set of PCR used to generate the composite PCR
hash at provisioning time. For this use of the TPM quote operation, the signed data is ignored, and the signature returned is used to val-
idate the state of the TPM's PCRs. Given the signature, the evaluating entity replaces the nonce in the signed data generated at provi-
sioning time, and checks to see if the signature is valid for the data. If so, this check ensures the selected PCRs contain values that
match the ones measured during provisioning.
A typical scenario for an enterprise using these tools follows. The tools expect AIKs to be referenced via one enterprise-wide Universally
Unique Identifier (UUID). The program tpm_mkuuid creates one.
For each machine being checked, an AIK is created using tpm_mkaik. The key blob produced is bound to the UUID on its machine using
tpm_loadkey. The public key associated with the AIK is sent to the entities that verify quotes. Finally, the expected PCR composite hash
is obtained using tpm_getpcrhash. When the expected PCR values change, a new hash can be generated with tpm_updatepcrhash.
The program to obtain a quote, and thus measure the current state of the PCRs is tpm_getquote. The program that verifies the quote
describes the same PCR composite hash as was measured initially is tpm_verifyquote.
SEE ALSO tpm_mkuuid(8), tpm_mkaik(8), tpm_loadkey(8), tpm_unloadkey(8), tpm_getpcrhash(8), tpm_updatepcrhash(8), tpm_getquote(8), tpm_verifyquote(8)
Oct 2010 TPM QUOTE TOOLS(8)