TODO list for v0.11 #475
Description
For v0.11:
- Rebase on TCG TPM repo
- Adjust MAX_CONTEXT_SIZE for RSA 4096:
#define MAX_CONTEXT_SIZE 2680 /* libtpms: changed for RSA-3072 */ - Test cases (in swtpm) for RSA-4096
- Test cases (in swtpm) for default-v2 profile
- SVN-limited hierarchy support: WIP: Add support for enabling the SVN-limited hierarchy #470
- Complete/advance FIPS-140-3 support: WIP: tpm2: Add RuntimeAttribute fips-140-3 to restrict TPM 2 (StateFo… #469
- Is this new RSA key gen algorithm needed? https://github.com/stefanberger/libtpms/tree/stefanberger/rev180.part3
- PQC support
- Enlarge IO buffer to 8(?)kb
- Do we need a chunked transfer API to support TPM CRB chunks?
- Enable ML-DSA:
- Enable new commands:
- VerifySequenceComplete
- SignSequenceComplete
- VerifyDigestSignature
- SignDigest
- VerifySequenceStart
- SignSequenceStart
- Support marshalling of ML-DSA keys as part of OBJECT (?) needed for state and context
- Write the state maintained during a sequence
- Enable new commands:
- Enable ML-KEM:
- Enable new commands:
- Encapsulate
- Decapsulate
- Support marshalling of ML-KEM keys as part of OBJECT (?) needed for state and context
- Enable new commands:
- Enlarge IO buffer to 8(?)kb
- Extend MAX_NV_INDEX_SIZE to allow ML-DSA signed EK and platform certificates to be written to one index. (ML-DSA-44: ~2757 bytes; ML-DSA-87: ~4964 bytes) OR wait for Falcon PQC with smaller signatures(?): tpm2: Increase MAX_NV_INDEX_SIZE (StateFormatLevel 9) #535
- Re-add Camellia-192 test cases
- Re-add SM4 support
- All files must have SPDX-License-Identifier