> -----Original Message----- > From: Gilbert, Travis > Sent: Wednesday, July 19, 2017 12:02 > To: tboot-devel@lists.sourceforge.net > Subject: [tboot-devel] [patch] TPM2.0 LCPv2 Tool Patch > > This is a significant patch that corrects omissions I found in the lcptools-v2 > utilities. It adds definitions based on the Intel TXT Software Development > Guide (https://www.intel.com/content/www/us/en/software- > developers/intel-txt-software-development-guide.html). I used Revision > 013. Looking at Section 4.6 of Revision 014, it seems my patch still applies. > Appendix E has a couple changes, notably the removal of ECDSA as an > approved signing algorithm. This could be changed from what I'm providing if > we want to update the tools to match Revision 014. > > I've added the following: > -Ability to define the allowed policy hashing algorithms (stored in a mask) - > Ability to define the signing algorithm -Ability to define the AUX hashing > algorithm -constants for hashing and signing algorithms -Ability to define LCP > version > > I also changed some of the options as well as some of my added options to > required based on my experience of ACMs rejecting LCPs without those > fields and common sense. For example, the policy hash could be defined > without defining the allowed policy hashing algorithms. Now, since you have > to define the policy hash, you must also define the policy hashing "allowed > algorithms" mask. > > Signed-off-by: Travis Gilbert <travis.gilb...@dell.com>
Please ignore the "Confidential" tag. Outlook "helpfully" adds that to any email that it's not explicitly excluded from. I've edited my above message to reflect that. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
