[PATCH v5 04/11] security: keys: trusted: Include TPM2 creation data

James Bottomley jejb at linux.ibm.com
Mon Nov 14 18:00:08 UTC 2022


On Mon, 2022-11-14 at 09:43 -0800, Evan Green wrote:
> On Mon, Nov 14, 2022 at 8:56 AM James Bottomley <jejb at linux.ibm.com>
> wrote:
[...]
> > Of course, since openssl_tpm2_engine is the complete reference
> > implementation that means I'll have to add the creation PCRs
> > implementation to it ... unless you'd like to do it?
> 
> I am willing to help as I'm the one making the mess. How does it
> sequence along with your draft submission (before, after,
> simultaneous)?

At the moment, just send patches.  The openssl_tpm2_engine is developed
on a groups.io mailing list:

https://groups.io/g/openssl-tpm2-engine/

You need an IETF specific tool (xml2rfc) to build the rfc from the xml,
but it's available in most distros as python3-xml2rfc.  If you don't
want to learn the IETF XML I can help you code up the patch to add that
to the draft spec.

Regards,

James



More information about the Linux-security-module-archive mailing list