The source repository for the Trusted Platform Module (TPM2.0) tools
--disable-continue session
so that the subsequent command will not fail
when attempting to context save a flushed session.tpm2_eventlog: - add H-CRTM event support - add support of efivar versions less than 38 - Add support to check for efivar/efivar.h manually - Minor formatting fixes - tpm2_eventlog: add support for replay with different StartupLocality - Fix pcr extension for EV_NO_ACTION - Extend test of yaml string representation - Use helper for printing a string dump - Fix upper bound on unique data size - Fix YAML string formatting
tpm2_policy:
tpm2_encryptdecrypt: Fix pkcs7 padding stripping
tpm2_duplicate:
tpm2_encodeobject: Use the correct -O option instead of -C
tpm2_unseal: Add qualifier static to enhance the privacy of unseal function
tpm2_sign:
tpm2_createek: - Correct man page example
tpm2_clear: add more details about the action
tpm2_startauthsession: allow the file attribute for policy authorization.
tpm2_getekcertificate: Add AMD EK support
tpm2_ecdhzgen: Add public-key parameter
tpm2_nvreadpublic: Prevent free of unallocated pointers on failure
Bug-fixes:
The readthedocs build failed with module 'jinja2' has no attribute 'contextfilter' a requirement file was added to fix this problem
An error caused by the flags -flto -_FORTIFY_SOURCE=3 in kdfa implementation. This error can be avoided by switching off the optimization with pragma
Changed wrong function name of "Esys_Load" to "Esys_Load"
Function names beginning with Esys_ are wrongly written as Eys_
Reading and writing a serialized persistent ESYS_TR handles
cirrus-ci update image-family to freebsd-13-2 from 13-1
misc:
Change the default Python version to Python3 in the helper's code
Skip test which uses the sign operator for comparison in abrmd_policynv.sh
tools/tr_encode: Add a tool that can encode serialized ESYS_TR for persistent handles from the TPM2B_PUBLIC and the raw persistent TPM2_HANDLE
Add safe directory in config
tpm2_eventlog:
tpm2_policy:
tpm2_encryptdecrypt: Fix pkcs7 padding stripping
tpm2_duplicate:
tpm2_encodeobject: Use the correct -O option instead of -C
tpm2_unseal: Add qualifier static to enhance the privacy of unseal function
tpm2_sign:
tpm2_createek:
tpm2_clear: add more details about the action
tpm2_startauthsession: allow the file attribute for policy authorization.
tpm2_getekcertificate: Add AMD EK support
tpm2_ecdhzgen: Add public-key parameter
tpm2_nvreadpublic: Prevent free of unallocated pointers on failure
Bug-fixes:
The readthedocs build failed with module 'jinja2' has no attribute 'contextfilter' a requirement file was added to fix this problem
An error caused by the flags -flto -_FORTIFY_SOURCE=3 in kdfa implementation. This error can be avoided by switching off the optimization with pragma
Changed wrong function name of "Esys_Load" to "Esys_Load"
Function names beginning with Esys_ are wrongly written as Eys_
Reading and writing a serialized persistent ESYS_TR handles
cirrus-ci update image-family to freebsd-13-2 from 13-1
misc:
Change the default Python version to Python3 in the helper's code
Skip test which uses the sign operator for comparison in abrmd_policynv.sh
tools/tr_encode: Add a tool that can encode serialized ESYS_TR for persistent handles from the TPM2B_PUBLIC and the raw persistent TPM2_HANDLE
tpm2_policyrestart:
tpm2_policynvwritten:
tpm2_policylocality:
tpm2_policycountertimer:
tpm2_policycommandcode:
tpm2_policypassword:
tpm2_policyauthvalue:
tpm2_policyauthorize:
tpm2_print:
tpm2_create:
-c
when TPM2_CreateLoaded
is not supported.tpm2_getcap:
Add a script, check_endorsement_cert.sh, to validate the endorsement certificate chain. It takes two inputs - A TPM2B_PUBLIC format EKpublic and a PEM format EKcertificate specified in that order as arguments.
tpm2_policyrestart:
tpm2_policynvwritten:
tpm2_policylocality:
tpm2_policycountertimer:
tpm2_policycommandcode:
tpm2_policypassword:
tpm2_policyauthvalue:
tpm2_policyauthorize:
tpm2_print:
tpm2_create:
-c
when TPM2_CreateLoaded
is not supported.tpm2_getcap:
Add a script, check_endorsement_cert.sh, to validate the endorsement certificate chain. It takes two inputs - A TPM2B_PUBLIC format EKpublic and a PEM format EKcertificate specified in that order as arguments.