#!/bin/bash
set -e -o pipefail
export LC_ALL=C


TPM_ID_INDEX="0x7562"


usage() {
    cat <<EOF
Prints a 20-byte hex string TPM ID followed by a newline.

Usage: tpm_id [-i]
    -i     print the TPM ID NVRAM index
EOF
    exit 1
}

log() {
    echo "${0##*/}: $1" >&2
}

hex() {
    xxd -ps | tr -dc 0-9a-f
}

getindex() {
    echo "$TPM_ID_INDEX"
}

getid() {
    if ! tpm_nvinfo -i "$TPM_ID_INDEX" | grep -q "WRITEDEFINE"; then
        log "TPM NVRAM area at index $TPM_ID_INDEX is not defined!"
        log "Hint: did you run 'anti-evil-maid-tpm-setup'?"
        echo "unknown"
    else
        tpm_nvread_stdout -i "$TPM_ID_INDEX" | hex
        echo
    fi
}


while getopts i opt; do
    case "$opt" in
        i) getindex && exit 0 ;;
        *) usage ;;
    esac
done

getid
