Andreas Fuchs
Andreas Fuchs
Fapi_Encrypt/_Decrypt currently do not support ECC keys. I'd like to add those. Question: How do we do that, given the current APIs https://github.com/tpm2-software/tpm2-tss/blob/ebfe77b41e677de6cd808e3155fe43d606951143/include/tss2/tss2_fapi.h#L331-L338 https://github.com/tpm2-software/tpm2-tss/blob/ebfe77b41e677de6cd808e3155fe43d606951143/include/tss2/tss2_fapi.h#L350-L356 I guess we could take plainText...
When trying to build tools against master, I run into an error, because the deprecated struct is used in a function declaration on tss2_mu.h Apparently, even when using a deprecated...
Allow for the Target Key in Fapi_Export to not only be a keypath but also allow a public key in PEM format directly
For all these programs that do not support secure session (or where they are complicated), we could implement a tcti that just starts a new audit-session and adds it to...
Add a preview version of IMA/BIOS. Final version will be implemented, once TCG has a spec for the eventlog format out the door.
I was wondering if we might want to allow setting auth values without the need for a callback. `Fapi_SetuAuthCB(ctx, NULL, "thepassword")` This would be the same as a ``` TSS2_RC...
If ESYS does not support a certain crypto alg then it will currently return MALFORMED_RESPONSE. It should however be NOT_IMPLEMENTED or a more meaningful error code if specified. see e.g....
If an SRK is already persistent at the time of Fapi_Provision and it has the same attributes as requested from the FAPI crypto profile, then FAPI should just reuse this...
I guess we should start using tss2-rc decoding in error logs. I guess for now, we could "just" search for LOG_ERROR and tackle all of these occurences... Maybe turn it...
Many optional integration tests will return skip if their respective tpm-command is not supported by the TPM, following a TPM2_RC_INVALIDCOMMANDCODE after calling. Instead, we should call TPM2_GetCapability(TPM2_CAP_COMMANDS) at the beginning...