mirror of
https://github.com/jiazhang0/meta-secure-core.git
synced 2026-07-16 20:56:58 +00:00
7f72300c23
when openssl-tpm-engine lib is used on an unattended device, there is no way to input TPM key password. So add this feature to support parse an encrypted(AES algorithm) TPM key password from env. The default decrypting AES password and salt is set in bb file. When we create a TPM key(TSS format), generate a 8 bytes random data as its password, and then we need to encrypt the password with the same AES password and salt in bb file. At last, we set a env as below: export TPM_KEY_ENC_PW=xxxxxxxx "xxxxxxxx" is the encrypted TPM key password for libtpm.so. Signed-off-by: Meng Li <Meng.Li@windriver.com>