[PATCH] tpm-v2: allow algo name to be conigured for pcr_read and pcr_extend

Thu Mar 28 16:33:36 CET 2024

On Thu, Mar 28, 2024 at 12:37 AM Ilias Apalodimas
<ilias.apalodimas at linaro.org> wrote:
>
> Hi Tim,
>
> [...]
>
> >
> > +/**
> > + * tpm2_algo_len() - Return an algo value and length given a algorithm name
> > + *
> > + * @name: algorithm name
> > + * @rwlen: pointer to integer to populate with algorithm length if non-null
> > + * Return: algorithm value
> > + */
> > +int tpm2_algo_len(const char *name, int *rwlen);
> > +
> > +/**
> > + * tpm2_algo_len() - Return an algoithm name string
> > + *
> > + * @algo: algorithm value
> > + * Return: algorithm string
> > + */
> > +const char *tpm2_algo_name(int algo);
> > +
> >  #endif /* __TPM_V2_H */
> > diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
> > index 68eaaa639f89..6a090ce5810c 100644
> > --- a/lib/tpm-v2.c
> > +++ b/lib/tpm-v2.c
> > @@ -1555,3 +1555,49 @@ u32 tpm2_enable_nvcommits(struct udevice *dev, uint vendor_cmd,
> >
> >         return 0;
> >  }
> > +
> > +int tpm2_algo_len(const char *name, int *rwlen)
> > +{
> > +       int algo = -EINVAL;
> > +       int len = 0;
> > +
> > +       if (!strcasecmp("sha1", name)) {
> > +               algo = TPM2_ALG_SHA1;
> > +               len = TPM2_SHA1_DIGEST_SIZE;
> > +       } else if (!strcasecmp("sha256", name)) {
> > +               algo = TPM2_ALG_SHA256;
> > +               len = TPM2_SHA256_DIGEST_SIZE;
> > +       } else if (!strcasecmp("sha384", name)) {
> > +               algo = TPM2_ALG_SHA384;
> > +               len = TPM2_SHA384_DIGEST_SIZE;
> > +       } else if (!strcasecmp("sha512", name)) {
> > +               algo = TPM2_ALG_SHA512;
> > +               len = TPM2_SHA512_DIGEST_SIZE;
> > +       } else if (!strcasecmp("sm3_256", name)) {
> > +               algo = TPM2_ALG_SM3_256;
> > +               len = TPM2_SM3_256_DIGEST_SIZE;
> > +       }
> > +
> > +       if (*rwlen)
> > +               *rwlen = len;
> > +
> > +       return algo;
> > +}
> > +
>
> We already have tpm2_algorithm_to_len(). Instead of defining a new
> function, can we convert strings to 'enum tpm2_algorithms'? We can
> then reuse the existing function.
>

Hi Ilias,

Thanks - I didn't see tpm2_algorithm_to_len. Yes, I can use it but I
still need to add a new function to turn the name into an algo. I also
didn't see tpm2_supported_algorithms; should I only support
name-to-algorithm and algorithm-to-name for that subset?

Best Regards,

Tim

> > +const char *tpm2_algo_name(int algo)
> > +{
> > +       switch (algo) {
> > +       case TPM2_ALG_SHA1:
> > +               return "sha1";
> > +       case TPM2_ALG_SHA256:
> > +               return "sha256";
> > +       case TPM2_ALG_SHA384:
> > +               return "sha384";
> > +       case TPM2_ALG_SHA512:
> > +               return "sha512";
> > +       case TPM2_ALG_SM3_256:
> > +               return "sm3_256";
> > +       }
> > +
> > +       return "";
> > +}
> > --
> > 2.25.1
> >
>
> Thanks
> /Ilias