tpm2: Add 'default-v2' profile

The 'default-v2' profile is currently just a copy of the 'default-v1' profile, other than the change in the .description text to change 'v0.10' to 'v0.11'. Signed-off-by: Dan Streetman <ddstreet@ieee.org>
2026-01-16 06:04:59 +00:00 · 2025-04-24 12:15:12 -04:00 · 2025-04-24 12:15:12 -04:00 · 63d0d49a7f
commit 63d0d49a7f
parent 63627b335e
2 changed files with 41 additions and 3 deletions
--- a/src/tpm2/RuntimeProfile.c
+++ b/src/tpm2/RuntimeProfile.c
@ -111,9 +111,27 @@ static const struct RuntimeProfileDesc {
 #define DESCRIPTION_MAX_SIZE        250
    bool allowModifications; /* user is allowed to modify algorithms profile */
 } RuntimeProfileDescs[] = {
-#define PROFILE_DEFAULT_IDX	0
-#define PROFILE_NULL_IDX	1
-    [PROFILE_DEFAULT_IDX] = {
+#define PROFILE_DEFAULT_V2_IDX	0
+#define PROFILE_DEFAULT_V1_IDX	(PROFILE_DEFAULT_V2_IDX + 1)
+#define PROFILE_NULL_IDX	(PROFILE_DEFAULT_V1_IDX + 1)
+    [PROFILE_DEFAULT_V2_IDX] = {
+	 /* do not change this profile */
+	.name = "default-v2",
+	.commandsProfile   = "0x11f-0x122,0x124-0x12e,0x130-0x140,0x142-0x159,0x15b-0x15e,"
+			     "0x160-0x165,0x167-0x174,0x176-0x178,0x17a-0x193,0x197,"
+			     "0x199-0x19c",
+	.algorithmsProfile = "rsa,rsa-min-size=1024,tdes,tdes-min-size=128,sha1,hmac,"
+			     "aes,aes-min-size=128,mgf1,keyedhash,xor,sha256,sha384,sha512,"
+			     "null,rsassa,rsaes,rsapss,oaep,ecdsa,ecdh,ecdaa,sm2,ecschnorr,ecmqv,"
+			     "kdf1-sp800-56a,kdf2,kdf1-sp800-108,ecc,ecc-min-size=192,ecc-nist,"
+			     "ecc-bn,ecc-sm2-p256,symcipher,camellia,camellia-min-size=128,cmac,"
+			     "ctr,ofb,cbc,cfb,ecb",
+	.stateFormatLevel  = 7,
+	.description = "This profile enables all libtpms v0.11-supported commands and "
+		       "algorithms. This profile is compatible with libtpms >= v0.11.",
+	.allowModifications = false,
+    },
+    [PROFILE_DEFAULT_V1_IDX] = {
 	 /* do not change this profile */
 	.name = "default-v1",
 	.commandsProfile   = "0x11f-0x122,0x124-0x12e,0x130-0x140,0x142-0x159,0x15b-0x15e,"
--- a/tests/tpm2_setprofile.c
+++ b/tests/tpm2_setprofile.c
@ -55,6 +55,26 @@ static const struct {
        .profile = "{\"Name\":\"null\"}",
        .exp_fail = false,
        .exp_profile = null_profile,
+    }, {
+        .profile = "{\"Name\":\"default-v2\"}",
+        .exp_profile =
+          "{\"ActiveProfile\":{"
+            "\"Name\":\"default-v2\","
+            "\"StateFormatLevel\":7,"
+            "\"Commands\":\"0x11f-0x122,0x124-0x12e,0x130-0x140,0x142-0x159,"
+                           "0x15b-0x15e,0x160-0x165,0x167-0x174,0x176-0x178,"
+                           "0x17a-0x193,0x197,0x199-0x19c\","
+            "\"Algorithms\":\"rsa,rsa-min-size=1024,tdes,tdes-min-size=128,"
+                             "sha1,hmac,aes,aes-min-size=128,mgf1,keyedhash,"
+                             "xor,sha256,sha384,sha512,null,rsassa,rsaes,rsapss,"
+                             "oaep,ecdsa,ecdh,ecdaa,sm2,ecschnorr,ecmqv,"
+                             "kdf1-sp800-56a,kdf2,kdf1-sp800-108,ecc,ecc-min-size=192,"
+                             "ecc-nist,ecc-bn,ecc-sm2-p256,symcipher,camellia,"
+                             "camellia-min-size=128,cmac,ctr,ofb,cbc,cfb,ecb\","
+            "\"Description\":\"This profile enables all libtpms v0.11-supported "
+                              "commands and algorithms. This profile is compatible with "
+                              "libtpms >= v0.11.\""
+          "}}",
    }, {
        .profile = "{\"Name\":\"default-v1\"}",
        .exp_profile =