The tag in the short description does not look at all. Should be either
"tpm:" or "keys, trusted:".
On Mon, 22 Oct 2018, James Bottomley wrote:
If some entity is snooping the TPM bus, the can see the data going in
to be sealed and the data coming out as it is unsealed. Add parameter
and
I would consider sending first a patch set that would iterate the existing
session stuff to be ready for this i.e. merge in two iterations
(emphasis on the word "consider"). We can probably merge the groundwork
quite fast.
/Jarkko
On Mon, 22 Oct 2018, James Bottomley wrote:
By now, everybody
On Mon, 22 Oct 2018, James Bottomley wrote:
This code adds true session based HMAC authentication plus parameter
decryption and response encryption using AES.
In order to reduce complexity it would make sense to split into two
commits: authentication and parameter encryption.
The basic
On Mon, 22 Oct 2018, James Bottomley wrote:
This separates out the old tpm_buf_... handling functions from static
inlines into tpm.h and makes them their own tpm-buf.c file. It also
adds handling for tpm2b structures and also incremental pointer
advancing parsers.
Signed-off-by: James
On Mon, 22 Oct 2018, James Bottomley wrote:
This separates out the old tpm_buf_... handling functions from static
inlines into tpm.h and makes them their own tpm-buf.c file. It also
adds handling for tpm2b structures and also incremental pointer
advancing parsers.
Nitpicking: when my SGX
On 23 October 2018 at 04:01, James Bottomley
wrote:
> On Mon, 2018-10-22 at 19:19 -0300, Ard Biesheuvel wrote:
> [...]
>> > +static void hmac_init(struct shash_desc *desc, u8 *key, int
>> > keylen)
>> > +{
>> > + u8 pad[SHA256_BLOCK_SIZE];
>> > + int i;
>> > +
>> > + desc->tfm =
On Mon, 2018-10-22 at 19:19 -0300, Ard Biesheuvel wrote:
[...]
> > +static void hmac_init(struct shash_desc *desc, u8 *key, int
> > keylen)
> > +{
> > + u8 pad[SHA256_BLOCK_SIZE];
> > + int i;
> > +
> > + desc->tfm = sha256_hash;
> > + desc->flags =