[PATCH 1/3] tpm: update tpm hash algorithm according to tpm2.0 spec 1.59

Benjamin BARATTE benjamin.baratte at st.com
Mon Jul 15 15:33:16 CEST 2024


The hash algorithm structure shall reflect the TCG specification for
TPM2.0.
With version 1.59, the SHA3 algorithms have been added and shall be
reflected in this structure.
Whether or not U-Boot supports the SHA3 algorithms yet is not
relevant for this structure.
It is up to the end user to configure the active PCR banks to use hash
algorithms supported by all boot chain components.
Also, by default, TPM2.0 shall support at least SHA256 and SHA384; in
practice dTPMs support 2 active banks with these 2 hash algorithms.

Signed-off-by: Benjamin BARATTE mailto:benjamin.baratte at st.com
---

 include/tpm-v2.h | 35 ++++++++++++++++++++++++++++++-----
 1 file changed, 30 insertions(+), 5 deletions(-)

diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index 4fd19c52fd..9848e1fd10 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -253,6 +253,9 @@ enum tpm2_algorithms {
        TPM2_ALG_SHA512         = 0x0D,
        TPM2_ALG_NULL           = 0x10,
        TPM2_ALG_SM3_256        = 0x12,
+       TPM2_ALG_SHA3_256       = 0x27,
+       TPM2_ALG_SHA3_384       = 0x28,
+       TPM2_ALG_SHA3_512       = 0x29,
 };

 /**
@@ -271,11 +274,15 @@ struct digest_info {
 };

 /* Algorithm Registry */
-#define TCG2_BOOT_HASH_ALG_SHA1    0x00000001
-#define TCG2_BOOT_HASH_ALG_SHA256  0x00000002
-#define TCG2_BOOT_HASH_ALG_SHA384  0x00000004
-#define TCG2_BOOT_HASH_ALG_SHA512  0x00000008
-#define TCG2_BOOT_HASH_ALG_SM3_256 0x00000010
+#define TCG2_BOOT_HASH_ALG_SHA1     0x00000001
+#define TCG2_BOOT_HASH_ALG_SHA256   0x00000002
+#define TCG2_BOOT_HASH_ALG_SHA384   0x00000004
+#define TCG2_BOOT_HASH_ALG_SHA512   0x00000008
+#define TCG2_BOOT_HASH_ALG_SM3_256  0x00000010
+#define TCG2_BOOT_HASH_ALG_SHA3_256 0x00000020
+#define TCG2_BOOT_HASH_ALG_SHA3_384 0x00000040
+#define TCG2_BOOT_HASH_ALG_SHA3_512 0x00000080
+

 static const struct digest_info hash_algo_list[] = {
 #if IS_ENABLED(CONFIG_SHA1)
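Review bot: The new `TCG2_BOOT_HASH_ALG_SHA3_*` bit values (0x20, 0x40, 0x80) carry no reference to the document that assigns them; the commit message cites the TPM 2.0 spec for the algorithm IDs, which is a different registry from this boot-hash bitmap. If these masks are reported to an OS or compared with firmware-provided bitmaps (not visible here), a mismatch would misreport which PCR banks are active, so a comment such as `/* SHA3 bits: see <spec name and section> */` above the three defines would let a reader verify them. The hunk also adds a second blank line before `hash_algo_list`, which can be dropped.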
@@ -310,6 +317,24 @@ static const struct digest_info hash_algo_list[] = {
                TPM2_SHA512_DIGEST_SIZE,
        },
 #endif
+       {
+               "sha3_256",
+               TPM2_ALG_SHA3_256,
+               TCG2_BOOT_HASH_ALG_SHA3_256,
+               TPM2_SHA256_DIGEST_SIZE,
+       },
+       {
+               "sha3_384",
+               TPM2_ALG_SHA3_384,
+               TCG2_BOOT_HASH_ALG_SHA3_384,
+               TPM2_SHA384_DIGEST_SIZE,
+       },
+       {
+               "sha3_512",
+               TPM2_ALG_SHA3_512,
+               TCG2_BOOT_HASH_ALG_SHA3_512,
+               TPM2_SHA512_DIGEST_SIZE,
+       },
 };

 /* NV index attributes */
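Review bot: The three SHA3 entries are added to `hash_algo_list` without any `#if IS_ENABLED(...)` guard, while the entries above them in this hunk's context are compiled in only when the matching hash is enabled. The commit message says this is deliberate, but if any caller treats this table as the set of digests U-Boot can compute (callers are not visible here), a SHA3 bank could be accepted as active and then never extended, leaving its PCRs at their reset value and weakening attestation. I would add a comment above the new entries such as `/* SHA3: listed for TPM algorithm identification only, U-Boot cannot compute these digests */` and confirm that the measurement paths reject banks they cannot hash. Reusing `TPM2_SHA256_DIGEST_SIZE` and its siblings for the SHA3 sizes is numerically right but deserves a short `/* same digest length as SHA-256 */` style comment. The array definition starts outside this hunk.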
--
2.34.1

ST Restricted

