On 12/9/2019 2:11 PM, James Bottomley wrote:
> Plus, I know of no policy statement that's anywhere near 127 bytes long, so there's no problem with doing the single byte fixed length that DER requires.
Is "a policy statement" the TPM command? PolicyOr takes a list of hashes. A typical policy may only have 3 sha256 hashes, but it could potentially be 8 sha384 hashes. PolicySigned has a policy with a 256 byte public key and a TPM command with a 256 byte signature. In general, since the TPM input command buffer is 1 - 1.5k, that's a reasonable value for input parameters.
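
An added example, not part of the original message or of any project's code: a DER length encoder run over the parameter sizes mentioned in this thread, showing where the single-octet short form (0 to 127) ends and the long form begins. The function names are hypothetical, and the digest-list size assumes raw digest bytes only, with no TPM size fields.

```c
#include <stddef.h>
#include <stdio.h>

/* Write the DER length octets for content length `len` into `out`
 * (needs room for 1 + sizeof(size_t) bytes). Returns octets written. */
size_t der_encode_length(size_t len, unsigned char *out)
{
    size_t n = 0, i, tmp;

    if (len <= 127) {                  /* short form: one octet, high bit clear */
        out[0] = (unsigned char)len;
        return 1;
    }
    for (tmp = len; tmp; tmp >>= 8)    /* count significant bytes of len */
        n++;
    out[0] = (unsigned char)(0x80 | n);    /* long form: 0x80 | byte count */
    for (i = 0; i < n; i++)                /* then len, big-endian */
        out[n - i] = (unsigned char)(len >> (8 * i));
    return 1 + n;
}

/* Assumption: raw digest bytes only, ignoring any per-digest size fields. */
size_t digest_list_bytes(size_t count, size_t digest_size)
{
    return count * digest_size;
}

int main(void)
{
    struct { const char *what; size_t len; } cases[] = {
        { "3 x SHA-256 digests", digest_list_bytes(3, 32) },
        { "short-form maximum",  127 },
        { "8 x SHA-384 digests", digest_list_bytes(8, 48) },
        { "256-byte public key", 256 },
    };
    unsigned char buf[1 + sizeof(size_t)];
    size_t c, i, n;

    for (c = 0; c < sizeof(cases) / sizeof(cases[0]); c++) {
        n = der_encode_length(cases[c].len, buf);
        printf("%-20s %4zu bytes -> length octets:", cases[c].what, cases[c].len);
        for (i = 0; i < n; i++)
            printf(" %02x", buf[i]);
        printf("\n");
    }
    return 0;
}
```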