Add a few new functions which will be used by the test command in a future
patch.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Christophe Ricard<christophe-h.ricard@st.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
Add driver model support to the TPM command and the TPM library. Both
support only a single TPM at present.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Christophe Ricard<christophe-h.ricard@st.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
commit 18b06652cd "tools: include u-boot version of sha256.h"
unconditionally forced the sha256.h from u-boot to be used
for tools instead of the host version. This is fragile though
as it will also include the host version. Therefore move it
to include/u-boot to join u-boot/md5.h etc which were renamed
for the same reason.
cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Jeroen Hofstee <jeroen@myspectrum.nl>
Extend the tpm library with support for single authorized (AUTH1) commands
as specified in the TCG Main Specification 1.2. (The internally used helper
functions are implemented in a way that they could also be used for double
authorized commands if someone needs it.)
Provide enums with the return codes from the TCG Main specification.
For now only a single OIAP session is supported.
OIAP authorized version of the commands TPM_LoadKey2 and TPM_GetPubKey are
provided. Both features are available using the 'tpm' command, too.
Authorized commands are enabled with CONFIG_TPM_AUTH_SESSIONS. (Note that
this also requires CONFIG_SHA1 to be enabled.)
Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Signed-off-by: Dirk Eibach <dirk.eibach@gdsys.cc>
Acked-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Andy Fleming <afleming@freescale.com>
TPM command library implements a subset of TPM commands defined in TCG
Main Specification 1.2 that are useful for implementing secure boot.
More TPM commands could be added out of necessity.
You may exercise these commands through the 'tpm' command. However, the
raw TPM commands are too primitive for writing secure boot in command
interpreter scripts; so the 'tpm' command also provides helper functions
to make scripting easier.
For example, to define a counter in TPM non-volatile storage and
initialize it to zero:
$ tpm init
$ tpm startup TPM_ST_CLEAR
$ tpm nv_define d 0x1001 0x1
$ tpm nv_write d 0x1001 0
And then increment the counter by one:
$ tpm nv_read d 0x1001 i
$ setexpr.l i $i + 1
$ tpm nv_write d 0x1001 $i
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
Simon Glass
Jeroen Hofstee
Wolfgang Denk
Reinhard Pfau
Che-liang Chiou