Discussion:
[TrouSerS-users] TPM-Tools password prompt
Tadd Seiff
2016-09-22 18:34:20 UTC
Permalink
Hi all,

I'm extending the tpm-tools and using the console input handling methods used by the rest of the utilities.

I'm building all the tools myself, including my new tools, but the "Enter owner password:" prompt isn't working right: I enter my password, then hit ENTER, but it blows right past the "Confirm Password" prompt, which I obviously didn't have time to input, and fails for "Passwords didn't match"
Enter new owner password: {password entered and click ENTER}
Confirm password: Passwords didn't match { didn't stop here for my input }
It does this for my new tools as well as existing tools that I build without modification. Also note that the Trousers tpm-tools package installed on my machine (Ubuntu 14.04) does not exhibit this behavior, only the ones I build.

Here's my code:
if (!owner_well_known) {
// Prompt for owner password
szTpmPasswd = GETPASSWD(_("Enter owner password: "), &tpm_len, TRUE);
if (!szTpmPasswd){
printf("ERROR: Failed to get owner password.\n");
goto abort;
}
} else {
szTpmPasswd = (char *)well_known_secret;
}

Where GETPASSWD is defined in the tpm-tools project. This is pretty straight forward, so I don't know what's wrong.

The problem must be something in my build, but I don't know where to start. Can someone here point me in the right direction to fix this?

Thanks,
_________________________
Tadd Seiff
Software Development
Western Digital Corporation
www.wdc.com
(949) 672.6669

Western Digital Corporation (and its subsidiaries) E-mail Confidentiality Notice & Disclaimer:

This e-mail and any files transmitted with it may contain confidential or legally privileged information of WDC and/or its affiliates, and are intended solely for the use of the individual or entity to which they are addressed. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited. If you have received this e-mail in error, please notify the sender immediately and delete the e-mail in its entirety from your system.
Tadd Seiff
2016-09-23 17:34:15 UTC
Permalink
I solved this.

TLDR: I'm working from git://git.code.sf.net/p/trousers/tpm-tools trousers-tpm-tools. The getPass() utility method used on the 1.3.9 branch/tag doesn't work for me. I needed to pick up changes from 'master', and it works.

Some more info:
The terminal/prompt logic was overhauled at some point, so I think I'm just suffering from bad legacy behavior:

commit cedf26b74e26c0e4f4fd88d58dad5954264c686b
Author: Kent Yoder <***@linux.vnet.ibm.com>
Date: Wed Feb 6 15:14:54 2013 -0600

tpm_utils: reimplement _get_pass to replace the obsolete get_pass().

Signed-off-by: Kent Yoder <***@linux.vnet.ibm.com>


I based my work from the 1.3.9 tag/branch, for stability (silly me). But, it seems the getPass() method refactor never made it there. I confirmed that the plain 1.3.9 branch also exhibits this error on my machine.

-Tadd
(949) 672.6669


From: Tadd Seiff
Sent: Thursday, September 22, 2016 11:34 AM
To: 'trousers-***@lists.sf.net' <trousers-***@lists.sf.net>
Subject: TPM-Tools password prompt

Hi all,

I'm extending the tpm-tools and using the console input handling methods used by the rest of the utilities.

I'm building all the tools myself, including my new tools, but the "Enter owner password:" prompt isn't working right: I enter my password, then hit ENTER, but it blows right past the "Confirm Password" prompt, which I obviously didn't have time to input, and fails for "Passwords didn't match"
Enter new owner password: {password entered and click ENTER}
Confirm password: Passwords didn't match { didn't stop here for my input }
It does this for my new tools as well as existing tools that I build without modification. Also note that the Trousers tpm-tools package installed on my machine (Ubuntu 14.04) does not exhibit this behavior, only the ones I build.

Here's my code:
if (!owner_well_known) {
// Prompt for owner password
szTpmPasswd = GETPASSWD(_("Enter owner password: "), &tpm_len, TRUE);
if (!szTpmPasswd){
printf("ERROR: Failed to get owner password.\n");
goto abort;
}
} else {
szTpmPasswd = (char *)well_known_secret;
}

Where GETPASSWD is defined in the tpm-tools project. This is pretty straight forward, so I don't know what's wrong.

The problem must be something in my build, but I don't know where to start. Can someone here point me in the right direction to fix this?

Thanks,
_________________________
Tadd Seiff
Software Development
Western Digital Corporation
www.wdc.com<http://www.wdc.com>
(949) 672.6669

Western Digital Corporation (and its subsidiaries) E-mail Confidentiality Notice & Disclaimer:

This e-mail and any files transmitted with it may contain confidential or legally privileged information of WDC and/or its affiliates, and are intended solely for the use of the individual or entity to which they are addressed. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited. If you have received this e-mail in error, please notify the sender immediately and delete the e-mail in its entirety from your system.
Loading...