Description
Im currently struggling to implement clevis LUKS to my TPM 1.2 chip
While doing the following example:
echo "hi" | clevis encrypt tpm2 '{}' > hi.jwe
I get following message:
A TPM2 device with the in-kernel resource manager is needed!
having a look in /git/clevis/src/pins/tpm2 we find in file levis-encrypt-tpm2 following:
if [ -z "$TPM2TOOLS_DEVICE_FILE" ]; then
echo "A TPM2 device with the in-kernel resource manager is needed!" >&2
exit 1
fi
$TPM2TOOLS_DEVICE_FILE variable points here:
export TPM2TOOLS_TCTI_NAME=device
export TPM2TOOLS_DEVICE_FILE=
for dev in /dev/tpmrm?; do
[ -e "$dev" ] || continue
TPM2TOOLS_DEVICE_FILE="$dev"
break
done
As we see we look at /dev/tpmrm which does not exist on a tpm 1.2 system. which only has /dev/tpm0
Is this working as expected? is tpm 1.2 not supported?
Im currently using a DELL LATITUDE 7240 with following version
$ tpm_version
TPM 1.2 Version Info:
Chip Version: 1.2.41.1
Spec Level: 2
Errata Revision: 3
TPM Vendor ID: ATML
TPM Version: 01010000
Manufacturer Info: 41544d4c