You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/TPM.md
+36Lines changed: 36 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -17,6 +17,42 @@ In wolfBoot we support TPM based root of trust, sealing/unsealing, cryptographic
17
17
|`WOLFBOOT_TPM_SEAL=1`|`WOLFBOOT_TPM_SEAL`| Enables support for sealing/unsealing based on PCR policy signed externally. |
18
18
|`WOLFBOOT_TPM_SEAL_NV_BASE=0x01400300`|`WOLFBOOT_TPM_SEAL_NV_BASE`| To override the default sealed blob storage location in the platform hierarchy. |
19
19
|`WOLFBOOT_TPM_SEAL_AUTH=secret`|`WOLFBOOT_TPM_SEAL_AUTH`| Password for sealing/unsealing secrets, if omitted the PCR policy will be used |
20
+
|`WOLFBOOT_TPM_MFG_AUTH_DERIVE=1`|`WOLFBOOT_TPM_MFG_AUTH_DERIVE`| MFG identity: opt into on-device derive-from-master. The default is a precomputed per-device authValue (no master secret on device). Requires `WOLFTPM_MFG_IDENTITY`. |
0 commit comments