Introduce fixed endorsement cert and tpm_manufactured
Providing the simulator with an endorsement seed and certificates will make the tpm2 simulator device more useful for testing. The seend and certificates are fixed and should be installed after manufacture.
The certificates will also be used to verify the device has already been manufactured.
tpm_manufacture will be the interface to verify the device is only manufactured once, thus retaining previous states and information after reboot.
BUG=b:132144919
TEST=Running on board Betty with the tpm2_simulator flag, trunks_client
--endorsement_public_key returns the injected key.
Cq-Depend: chromium:2366016, chromium:2372066
Change-Id: Iea271a7d731f594f87fb01a3e2f55181965b847d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/tpm2/+/2366414
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Tested-by: Alberto Herrera <ahrfgb@google.com>
Commit-Queue: Alberto Herrera <ahrfgb@google.com>
4 files changed