#!/usr/bin/sh -e

[ ! -d /run/cvmutils ] && mkdir -m 0700 /run/cvmutils

# Check that it's Azure CVM
tpm2_nvread --hierarchy owner --output /run/cvmutils/azure-attestationreport.bin 0x1400001 || exit 0
tpm2_nvread --hierarchy owner --output /run/cvmutils/azure-akcert.bin 0x1c101d0 || exit 0

# Create a nonce and get a quote
openssl rand -hex 20 > /run/cvmutils/nonce
tpm2_quote -c 0x81000003 -l sha256:0,1,2,3,4,7,11,12,13,14,15  -q /run/cvmutils/nonce -m /run/cvmutils/quote_message.dat -s /run/cvmutils/quote_signature.dat -o /run/cvmutils/pcr_values.dat
