summaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>2015-10-31 16:53:44 +0100
committerJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>2015-12-20 14:27:13 +0100
commit5beb0c435bdde35a09376566b0e28f7df87c9f68 (patch)
tree3f8c2bc84de7a77c3fed187f3bd15011e2b33e5b /crypto
parentkeys, trusted: select hash algorithm for TPM2 chips (diff)
downloadlinux-5beb0c435bdde35a09376566b0e28f7df87c9f68.tar.xz
linux-5beb0c435bdde35a09376566b0e28f7df87c9f68.zip
keys, trusted: seal with a TPM2 authorization policy
TPM2 supports authorization policies, which are essentially combinational logic statements repsenting the conditions where the data can be unsealed based on the TPM state. This patch enables to use authorization policies to seal trusted keys. Two following new options have been added for trusted keys: * 'policydigest=': provide an auth policy digest for sealing. * 'policyhandle=': provide a policy session handle for unsealing. If 'hash=' option is supplied after 'policydigest=' option, this will result an error because the state of the option would become mixed. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Colin Ian King <colin.king@canonical.com> Reviewed-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Acked-by: Peter Huewe <peterhuewe@gmx.de>
Diffstat (limited to 'crypto')
0 files changed, 0 insertions, 0 deletions