> We can't use the TPM because there's no secure communications channel between the fingerprint reader and the TPM, so we can't configure the TPM to release secrets only if an associated fingerprint is provided.
Is there no privative in fingerprint readers to sign a blob only when a valid fingerprint is provided? If so you could do something like:
1) Gnome tells the TPM to start an unlock action 2) TPM generates a nonce which includes time, returns it so Gnome 3) OS sends this off to fingerprint reader 4) OS prompts the user to touch their fingerprint 5) Fingerprint matches, reader signs the nonce, returns it to OS 6) OS returns it to TPM 7) TPM verifies signature, ensures time is within acceptable window, returns secret
no subject
Is there no privative in fingerprint readers to sign a blob only when a valid fingerprint is provided? If so you could do something like:
1) Gnome tells the TPM to start an unlock action
2) TPM generates a nonce which includes time, returns it so Gnome
3) OS sends this off to fingerprint reader
4) OS prompts the user to touch their fingerprint
5) Fingerprint matches, reader signs the nonce, returns it to OS
6) OS returns it to TPM
7) TPM verifies signature, ensures time is within acceptable window, returns secret