lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 14 Nov 2022 13:00:08 -0500
From:   James Bottomley <jejb@...ux.ibm.com>
To:     Evan Green <evgreen@...omium.org>
Cc:     Eric Biggers <ebiggers@...nel.org>, linux-kernel@...r.kernel.org,
        corbet@....net, linux-integrity@...r.kernel.org,
        gwendal@...omium.org, dianders@...omium.org, apronin@...omium.org,
        Pavel Machek <pavel@....cz>, Ben Boeckel <me@...boeckel.net>,
        rjw@...ysocki.net, Kees Cook <keescook@...omium.org>,
        dlunev@...gle.com, zohar@...ux.ibm.com,
        Matthew Garrett <mgarrett@...ora.tech>, jarkko@...nel.org,
        linux-pm@...r.kernel.org, David Howells <dhowells@...hat.com>,
        James Morris <jmorris@...ei.org>,
        Paul Moore <paul@...l-moore.com>,
        "Serge E. Hallyn" <serge@...lyn.com>, keyrings@...r.kernel.org,
        linux-security-module@...r.kernel.org
Subject: Re: [PATCH v5 04/11] security: keys: trusted: Include TPM2 creation
 data

On Mon, 2022-11-14 at 09:43 -0800, Evan Green wrote:
> On Mon, Nov 14, 2022 at 8:56 AM James Bottomley <jejb@...ux.ibm.com>
> wrote:
[...]
> > Of course, since openssl_tpm2_engine is the complete reference
> > implementation that means I'll have to add the creation PCRs
> > implementation to it ... unless you'd like to do it?
> 
> I am willing to help as I'm the one making the mess. How does it
> sequence along with your draft submission (before, after,
> simultaneous)?

At the moment, just send patches.  The openssl_tpm2_engine is developed
on a groups.io mailing list:

https://groups.io/g/openssl-tpm2-engine/

You need an IETF specific tool (xml2rfc) to build the rfc from the xml,
but it's available in most distros as python3-xml2rfc.  If you don't
want to learn the IETF XML I can help you code up the patch to add that
to the draft spec.

Regards,

James

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ